Sign Up | Log In
REAL WORLD EVENT DISCUSSIONS
There's the IOT ... and then there's the internet, as vulnerable as ever
Friday, December 18, 2020 3:26 PM
1KIKI
Goodbye, kind world (George Monbiot) - In common with all those generations which have contemplated catastrophe, we appear to be incapable of understanding what confronts us.
Friday, December 18, 2020 6:14 PM
SIGNYM
I believe in solving problems, not sharing them.
Quote: CONFIRMED: Dominion Uses SolarWinds Software, Denies Using Software Included In Devastating Hack Sources confirm that Dominion Voting Systems uses the SolarWinds Serv-U product. Multiple sources have confirmed Dominion Voting Systems utilizes products from SolarWinds, a recently hacked software company that provides IT service management to businesses, the executive branch, intelligence services, and the US military. Dominion denies using SolarWinds products included in the hack. SolarWinds was hacked in March
Quote: by who the ODNI, FBI, and CISA refer to as “malicious actors.” The breach of the SolarWinds’ Orion platform was announced this month
Quote:, just six days before SolarWinds investors sold hundreds of millions of dollars in stock. The Daily Dot claims that a Dominion Voting Systems spokesperson said “Dominion Voting Systems does not now — nor has it ever — used the SolarWinds Orion Platform, which was subject of the DHS emergency directive dated December 12, 2020.”
Quote:However, multiple sources have pointed out that Dominion does, in fact, use some SolarWinds’ software. So, I’ve seen folks pointing out that Dominion Voting Systems uses #SolarWinds. DVS definitely uses the SolarWinds Serv-U product; however, according to @AlexaCorse, they do not use the Orion product line. (1/n) — Jon Gorenflo ? ??????? (@flakpaket) December 15, 2020 DVS recently deleted references and links to SolarWinds off their website, as was pointed out by Ron Watkins, a former administrator for the message board website 8chan. Dominion Voting Systems uses SolarWinds products and it is still not powered down. Was Dominion Voting Systems a target? Was Dominion Voting Systems hacked? https://t.co/YJVHPilN1Rhttps://t.co/JDWWFVfofr https://t.co/MSgJ7yxoFY pic.twitter.com/hbaLZSYSPF — Ron (@CodeMonkeyZ) December 14, 2020 Amid the concerns regarding the SolarWinds hacking incident, the ODNI, FBI, and CISA issued a joint statement regarding a “cyber security campaign against America,” as National File reported. “As the joint statement reads, the agencies issued an Emergency Directive which instructed federal civilian agencies “to immediately
Quote: disconnect or power down affected SolarWinds Orion products from their network” due to exploitation from “malicious actors.” SolarWinds Orion products (affected versions are 2019.4 through 2020.2.1 HF1) are currently being exploited by malicious actors. This tactic permits an attacker to gain access to network traffic management systems. Disconnecting affected devices, as described below in Required Action 2, is the only known mitigation measure currently available. CISA has determined that this exploitation of SolarWinds products poses an unacceptable risk to Federal Civilian Executive Branch agencies and requires emergency action. Dominion Voting Systems uses SolarWinds products, but has recently removed a reference link to SolarWinds from their official website. Dominion has been criticized recently for their potential role involving mass voter fraud in the 2020 US election.” This story is still developing and National File will continue to cover the SolarWinds hacking incident and its potential implications.
Friday, December 18, 2020 8:41 PM
Saturday, January 2, 2021 7:48 PM
Quote:At a minimum it has set off alarms about the vulnerability of government and private sector networks in the United States to attack and raised questions about how and why the nation’s cyberdefenses failed so spectacularly. Those questions have taken on particular urgency given that the breach was not detected by any of the government agencies that share responsibility for cyberdefense — the military’s Cyber Command and the National Security Agency, both of which are run by General Nakasone, and the Department of Homeland Security — but by a private cybersecurity company, FireEye.
Quote:SolarWinds is believed to be one of several supply chain vendors Russia used in the hacking. Microsoft ... initially said that it had not been breached, only to discover this week that it had been — and that resellers of its software had been, too.
Quote:SolarWinds Adviser Warned of Lax Security Years Before Hack https://www.bloomberg.com/news/articles/2020-12-21/solarwinds-adviser-warned-of-lax-security-years-before-hack
Quote: SolarWinds, the company that the hackers used as a conduit for their attacks, had a history of lackluster security for its products, making it an easy target ... Employees say that under Mr. Thompson, an accountant by training and a former chief financial officer, every part of the business was examined for cost savings and common security practices were eschewed because of their expense. Ian Thornton-Trump, a former cybersecurity adviser at SolarWinds, said he warned management that year that unless it took a more proactive approach to its internal security, a cybersecurity episode would be “catastrophic.” After his basic recommendations were ignored, Mr. Thornton-Trump left the company.
Quote: ... the company, which said Thursday that the hackers viewed its source code, has not disclosed which of its products were affected or for how long hackers were inside its network.
Quote:Hackers last year conducted a 'dry run' of SolarWinds breach https://news.yahoo.com/hackers-last-year-conducted-a-dry-run-of-solar-winds-breach-215232815.html
Quote:The government’s emphasis on election defense, while critical in 2020, may have diverted resources and attention from long-brewing problems like protecting the “supply chain” of software.
YOUR OPTIONS
NEW POSTS TODAY
OTHER TOPICS
FFF.NET SOCIAL