Security Researcher Reveals Solarwinds' Update Server Was 'Secured' With The Password 'solarwinds123'

Security Researcher Reveals Solarwinds' Update Server Was 'Secured' With The Password 'solarwinds123'

4 years ago
Anonymous $y15ULlV7sG

https://www.techdirt.com/articles/20201215/13203045893/security-researcher-reveals-solarwinds-update-server-was-secured-with-password-solarwinds123.shtml

As was noted here earlier, up to 18,000 customers of globally-dominant network infrastructure vendor SolarWinds may have been compromised by malicious hackers. The hackers -- presumed to be operating on behalf of the Russian government -- deployed tainted updates (served up by SolarWinds) that gave them backdoors to snoop on internal communications and exfiltrate sensitive data.

The attack was so widespread and potentially catastrophic, the DHS's cyber wing issued an emergency directive that stated the only way to mitigate damage was to airgap devices and uninstall affected Orion software. Meanwhile, SolarWinds filed an update with the SEC detailing the extent of the damage. It was limited, but only if you consider 18-33,000 potential infections "limited." It's only a small percentage because Solarwinds's customer base is so large. The company boasts 300,000 customers, among them several government agencies and all five branches of the military. (It's not boasting much these days. It has memory-holed its "Customer" page during this trying time.)

Security Researcher Reveals Solarwinds' Update Server Was 'Secured' With The Password 'solarwinds123'

Dec 16, 2020, 12:37pm UTC
https://www.techdirt.com/articles/20201215/13203045893/security-researcher-reveals-solarwinds-update-server-was-secured-with-password-solarwinds123.shtml > As was noted here earlier, up to 18,000 customers of globally-dominant network infrastructure vendor SolarWinds may have been compromised by malicious hackers. The hackers -- presumed to be operating on behalf of the Russian government -- deployed tainted updates (served up by SolarWinds) that gave them backdoors to snoop on internal communications and exfiltrate sensitive data. > The attack was so widespread and potentially catastrophic, the DHS's cyber wing issued an emergency directive that stated the only way to mitigate damage was to airgap devices and uninstall affected Orion software. Meanwhile, SolarWinds filed an update with the SEC detailing the extent of the damage. It was limited, but only if you consider 18-33,000 potential infections "limited." It's only a small percentage because Solarwinds's customer base is so large. The company boasts 300,000 customers, among them several government agencies and all five branches of the military. (It's not boasting much these days. It has memory-holed its "Customer" page during this trying time.)