A massive cyber attack via the SolarWinds systems has left government agencies and companies all over the United States and world incredibly vulnerable. It is a major hack that is courtesy of Russia.
“Russia has long been viewed as a threat in cyberspace. But after one of the most successful cyber intrusion campaigns in U.S. history, questions are being raised over how the federal government was so completely blindsided by an attack many experts have seen coming.
The successful hacking of multiple federal agencies and tens of thousands of individual federal and private entities — widely presumed to be a Russian intrusion and which federal officials warn is ongoing — managed to subvert sophisticated protections by targeting third-party software contractor SolarWinds.”
As reported by The Hill, these hacks through SolarWinds have been taking place since MARCH. SolarWinds is a Texas-based third-party software system that uses a Windows platform. You know the hack is incredibly severe when a public statement is issued.
#SolarWindsHack NEW: Joint statement @CISAgov @ODNIgov @FBI acknowledges severity of hack + underscores scope across GOV agencies + private sector. FBI gathering intel to “attribute, pursue, + disrupt the responsible threat actors” NOTE: Russian intelligence suspected @CBSNews pic.twitter.com/sj1rXEGmzq
— Catherine Herridge (@CBS_Herridge) December 17, 2020
Not only are government agencies a client of SolarWinds, but so are colleges and universities, hospitals, accounting firms, and Microsoft!
In fact, Microsoft acknowledged finding the Russian malware in their systems.
“In his interview with The Post, Smith said none of Microsoft’s customers had been breached through the software giant. “I think we can give you a blanket answer that affirmatively states, no, we are not aware of any customers being attacked through Microsoft’s cloud services or any of our other services, for that matter, by this hacker.””
He’d better be darned sure of that, because if any of Microsoft’s customers find out that yes indeed they WERE hacked, Microsoft will have some major issues on their hands.
SolarWinds used its Orion platform to monitor the health of their clients’ IT networks. Great! The question is, who was monitoring and securing the Orion platform?? Given the scope of the breach and the sheer number of companies/agencies affected worldwide, it seems that SolarWinds phoned it in on the security of the Orion platform.
Given today’s climate, it is understandable that the media is working to point fingers of blame at President Trump. Heck, they are even implying that because the President insisted there wasn’t any Russian interference in the 2016 election cycle, he is willfully ignoring the fact that Russia did then AND now. Thus, their conclusion is, this is all President Trump’s fault.
Thus people like Mitt Romney are whining about President Trump staying quiet on this breach. Seriously?? Secretary of State Mike Pompeo makes a very good point about why the President would remain quiet about this right now during his interview with Mark Levin.
“SECRETARY POMPEO: That’s absolutely true. I saw this in my time running the world’s premier espionage service at the CIA. There are many things that you’d very much love to say, “Boy, I’m going to call that out,” but a wiser course of action to protect the American people is to calmly go about your business and defend freedom.”
Exactly!
Meanwhile, SolarWinds has a massive problem on their hands. First of all, they received warnings about potential hacks and cyber intrusions into their systems LAST YEAR. As reported by Reuters, multiple cyber criminals were running through the underground web offering access into SolarWinds. Secondly, SolarWinds had a password problem.
“Security researcher Vinoth Kumar told Reuters that, last year, he alerted the company that anyone could access SolarWinds’ update server by using the password “solarwinds123””
I facepalmed so hard at that, I have a double concussion!
Also, as with the massive #EquifaxBreach, which we wrote about here, here, and here, it seems that SolarWinds executives knew this was going to be bad. How bad? Selling off their stock before this becomes public bad. Cue up the SEC and an insider trading investigation!
Once again the United States is dealing with a major security breach. One that involves third-party vendors and crappy insecure software systems. One that involves sophisticated hacking courtesy of Russia.
You can bet that Russia has been working on this attack for quite a long while. As in years. SolarWinds has had these contracts with our government agencies, healthcare systems, and Microsoft for YEARS. Even before President Trump was elected.
What happens now? As CISA has detailed, massive mitigation should be taking place RIGHT NOW and SolarWinds needs to dump their current platform and totally rebuild it.
Meanwhile, please, whatever you do… don’t use an idiotic password such as SolarWinds123 to ensure the security of your company’s IT network!
Feature Photo Credit: Security Internet Cyber by geralt via Pixabay, cropped and modified
My response to my father asking about the breach: “Is it Thursday already?”
We really have to tighten the hell out of our security but I think it’s going to take catastrophic damage in order to make it happen.
“A massive cyber attack via the SolarWinds systems has left government agencies and companies all over the United States and world incredibly vulnerable.”
The attack did not make anything vulnerable, it revealed that these systems were vulnerable, that people knew these systems were vulnerable, and that these people did nothing to fix the problems.
Most sites I use that need a password don’t allow such a simple password. It’s upper and lowercase letters, numbers and symbols. My little black book doesn’t contain women’s phone numbers, it contains passwords.