
Solar Wind news as of Friday, December 18th, 2020: lunch time from blog The Technology blog and podcast




Solar Wind news as of Friday, December 18th, 2020: lunch time

Some of the news here may be a little back dated within the week, but I’ve got 5 or six different items here.

When we release the year end podcasts, these will be linked only, and my thoughts will be blogged for people to find.


SolarWinds attack is not ‘espionage as usual,’ Microsoft president says

The breach of SolarWinds software that allowed widespread espionage on U.S. government agencies and other organizations worldwide is more than just a shocking
use of digital spycraft, Microsoft’s top executive said Thursday.

Brad Smith has been working at Microsoft for many years, and there is a linked blog post with his thoughts. While I don’t know what would present an attack for espionage, this is why we rely on the experts to tell us what type of attack this is.

To add insult to injury:

The breach, which multiple U.S. sources have pinned on Russian intelligence, “is not ‘espionage as usual,’ even in the digital age,” Smith writes. In an
addendum to the blog post, Microsoft said that it found no indications that its own software systems were used to attack others, but it did find “malicious
SolarWinds binaries in our environment, which we isolated and removed.”

This should make us feel better knowing that it wasn’t China, but yet it is more widespread than just one company like Microsoft.

According to the article: Microsoft is notifying more than 40 customers. The paragraph reads:

Microsoft was working to notify more than 40 customers targeted by the attackers, according to Smith.

Are these customers Microsoft customers?


Energy Department finds SolarWinds-related malware on IT networks, says critical systems unaffected

To add insult to injury, we now find out that the Energy Department is a potential target. While the article says that some systems may be a problem, nothing critical was attacked. I guess that is a good sign in the long run, don’t you think?

The Department of Energy on Thursday said it had found malicious software related to the breach of contractor SolarWinds on the department’s IT networks,
making it the latest federal agency to be swept up in a hacking campaign reportedly tied to Russia.

“At this point, the investigation has found that the malware has been isolated to business networks only, and has not impacted the mission essential national
security functions of the Department, including the National Nuclear Security Administration,” Department of Energy spokeswoman Shaylyn Hynes said in a
statement.

DOE joins a growing list of federal agencies, including the departments of Homeland Security and Treasury, that have been reportedly breached in the hacking
campaign. …

“When DOE identified vulnerable software, immediate action was taken to mitigate the risk, and all software identified as being vulnerable to this attack
was disconnected from the DOE network,” Hynes added.

I hope that it was disconnected from the network, I would hope that it was. If you say that it was, and it wasn’t, you’ll have a lot of explaining to do.

To add insult to injury, this article says:

The Russian government has denied involvement in the hacking campaign.

Of course you’ll deny involvement, this way, nothing happens to you. The president elect is being briefed by the Trump administration, and articles talk about that, so we’ll see if they get in trouble, or the culprits who actually did this get in trouble as well. No matter who did it, the United States is aware of what is going on, so someone needs to come clean.


FireEye, Microsoft find ‘killswitch’ to hamper SolarWinds-related malware

This is a similar article from the one that I published from Krebs on Security who was mentioned in the article. I’m not going to spend a lot of time on this one as it is similar to the one I blogged when we broke the news at the beginning of the week.

There is a lot of linking within this article, so you’ll need to read this on your own.


Senators press Treasury to speak about breach, planned response to hackers

I always see the same names asking about all these types of breaches through the years, and it’s a good thing. Companies sometimes respond, sometimes don’t, but it’s time to figure out why all of these breaches are coming out and becoming such a problem. As we’ve learned throughout this fiasco, it isn’t all of these companies’ fault that the software they chose to use to protect them was compromised since March. We need answers on all of these breaches and we need to know how companies will respond after the mistake is found to have caused the issue in the first place.

This article is very interesting because two key senators, both Democrats, want to know whether those responsible for the Treasury portion of the breach will be sanctioned or, better still, caught.

As with a lot of articles, there is linking within, so I don’t want to take the article word for word. Check it out and see if there is something you want brought up when we return to the airwaves.


SolarWinds breach has industrial firms checking their networks for vulnerabilities

Why do we need to check for problems after a big breach like this? Why aren’t we checking for problems before a breach? Are you claiming you’ve not patched for any vulnerabilities and this is your wakeup call?

Executives from multiple U.S. electric utilities on Monday convened a phone call to discuss a critical vulnerability in software made by SolarWinds, the
federal contractor at the heart of an apparent cyber-espionage operation.

The briefing, hosted by an industry-government group known as the Electricity Subsector Coordinating Council, is just one example of the wide ripple effects
of the malicious tampering of SolarWinds’ software by suspected state-sponsored hackers.

They now need to see what the problem is? Have they not been paying attention to other sectors like the shopping industry get taken by third party contractors like what happened in Target? This isn’t going away any time soon, and some year end articles I’ll cover more in other blog posts don’t look promising. This is beyond repair. Let us work together to tell people what is happening, they need to know they need to patch to the best of their ability, and definitely update that software.


National security officials brief Biden team on SolarWinds hacking campaign

It’s nice to see that the two teams in the White House are working together to share information. While the presidential election was a problem in the states this year, the fact that Biden is being briefed in this ordeal is a good thing.

U.S. national security officials have briefed the transition team for President-elect Joe Biden and Capitol Hill aides on the consequences of a suspected
government-backed hacking campaign affecting multiple federal agencies, according to multiple people familiar with the matter.

Trump administration officials held multiple briefings on the topic for Biden aides on Monday, and there is a classified briefing slated for Tuesday, according
to a person familiar with the briefings. Among the agencies briefing Biden staff on Monday was the Department of Homeland Security’s Cybersecurity and
Infrastructure Security Agency, a CISA official said.

Some information may be repeated here as reported in other posts already, but this is definitely a good sign. Let’s see what the president elect has to say about cybersecurity when he takes office.

“We are in daily communication with federal agencies on a wide range of topics, but cannot confirm the details of any specific briefings,” said a spokesman
for the Biden transition team.

The post ends by saying:

CISA also briefed Capitol Hill aides on Monday on an emergency directive the agency issued requiring all federal civilian agencies to check for signs of
the malicious activity on their networks. During that briefing, CISA officials said at least one federal agency had discovered it was affected by the campaign
in the day since the directive was issued, according to a congressional aide who participated in the briefing.

That’s nice to see, let’s see what else you’ll find as the weeks go on. I’m sure that this story will continue to develop. That’s all the news I have for now … we’ll be on this as much as we can.


About the article

Solar Wind news as of Friday, December 18th, 2020: lunch time was released on December 18, 2020 at 1:01 pm by tech in article commentary.
Last modified: December 18, 2020.

