We seem to have a crticial failure on our hands.
An “Achilles Heel” if you will.
Im talking about Solar Winds.
So what is it and why should you be concerned?
Solar Winds is a company which provides software services to business corporations and entities. This sounds benign at first, but upon closer inspection the software has some glaring errors.
This is not the fault of the company, I am not saying to you that Solar Winds is a foreign conspirator, what I am saying to you is this:
The world is an increasingly less safe place, the more we rely on technology, digital systems, and IT software, the more we leave ourselves exposed as a nation.
The more we rely on lines of digital code, the more of these electronic roads we build, the more chance there is for exploitation, and manipulation of our critical systems inside the U.S.
This is not the fault of any particular software company in particular, it is simply the way of the world now, increased reliance on tech = a more compromised security stance.
6 months ago we were hit by a foreign cyber attack, which used The Solar Winds software suite and network as a backdoor into critical United States infrastructures
Here is what we currently know:
100 Percent Fed Up came through with more details:
The former National Security Adviser to President Trump was interviewed by Lou Dobbs last night discussing the foreign cyberattack on Solarwinds.
“I would say is SolarWinds is an entry point into the rest of our entire US critical infrastructure. So everything that touches the United States government, if you enter through this SolarWinds attack that we perceive you basically have keys to the vault… You’re able to rummage around and do damn near anything. So it’s a very, very serious attack.”
General Flynn pivots to discuss how the cyberattack is connected to election interference by foreign influences.
The Financial Times had more:
For nine months, sophisticated state-backed hackers have exploited a ubiquitous SolarWinds software product in order to spy on government and business networks around the world, including in the US, UK, Israel and Canada. Wielding innovative tools and tradecraft, the cyber spies lurked in email services, and posed as legitimate staffers to tap confidential information stored in the cloud.
The bombshell revelations have sent 18,000 exposed SolarWinds customers scrambling to assess whether outsiders did indeed enter their systems, what the damage was and how to fix it.
The sprawling operation targeted some of the US government’s most sensitive data. The commerce and energy departments both admitted they had been compromised although the latter said it has no evidence of intrusions into its nuclear weapons management networks “so far”. Numerous other federal agencies have acknowledged that they are inspecting for fallout.
But the true scale of the ongoing campaign and its motivations are not yet — and may never be — known. There are indicators that it may be part of an even broader campaign that extends beyond the SolarWinds software. Experts have been swift to point a finger at Russia, which has wielded similar tactics in past cyber operations, though officials have refused to confirm a suspected culprit.