Wrote about it yesterday: Hacking - a curious incident
It's real and it's massive - from the United States Cybersecurity and Infrastructure Security Agency
Active Exploitation of SolarWinds Software
The Cybersecurity and Infrastructure Security Agency (CISA) is aware of active exploitation of SolarWinds Orion Platform software versions 2019.4 HF 5 through 2020.2.1 HF 1, released between March 2020 and June 2020.
CISA encourages affected organizations to read the SolarWinds and FireEye advisories for more information and FireEye’s GitHub page for detection countermeasures:
SolarWinds makes software that helps large organizations manage their network and IT infrastructure. Monitoring network and server performance, databases, trouble tickets and service desk. The basic tasks. They are used by a lot of corporations, our government, military and yes, Dominion Voting Systems.
The issue here is not just the initial breach. The core issue is that it installs backdoors into the infected machines which lay dormant until triggered - either by an external signal or a length of time. These systems will need to be taken down to bare metal and rebuilt. More as I hear about it.
Leave a comment