Explanation of the SolarWinds Hack
The maker of software that is used in the highest echelons of government, including the White House and NSA, was compromised by attackers who slipped malicious code into the software maker's trusted code without the software maker knowing it. The code got distributed to its customers.
That malicious code, once it infected customer systems, opened a backdoor into those systems and contacted the hackers to let them know the door was open for them to surreptitiously enter those systems and begin stealing sensitive data on those networks.
The hackers did this back in March and their activity was only recently discovered - this means they have been inside government systems all these months stealing data and spying on government workers without anyone knowing until now.
Here is a list of some of the customers who use the software made by the software maker (their name is SolarWinds). All of these were potentially compromised.
✔️ More than 425 of the US Fortune 500.
✔️ All ten of the top ten US telecommunications companies.
✔️ All five branches of the US Military.
✔️ The US Pentagon, State Department, NASA, NSA, Postal Service, NOAA, Department of Justice, and the Office of the President of the United States.
✔️ All five of the top five US accounting firms.
✔️ Hundreds of universities and colleges worldwide.
This is a national security hack conducted by a nation-state and focused on high-value targets/data. While it's possible your personal data could have been compromised, it's more likely not what the hackers were after. But there's a lot that's still unknown about the operation -- who all was compromised and what data or secrets were stolen.
Despite all this the National security adviser is taking his wife on a holiday tour of the romantic Mediterranean and European capitals.
Known victims so far include the US Treasury, the US NTIA, and FireEye itself.
Do you believe in conspiracies, or do you believe in coincidences?
BREAKING REPORT: SolarWinds HQ Raided in Austin — More News Coming on CEO and Executive Vice President (Update)
Last night the Cybersecurity and Infrastructure Security Agency (CISA) issued a rare Emergency Directive 21-01, in response to a KNOWN COMPROMISE involving SolarWinds Orion products.
This was only the fifth Emergency Directive issued by CISA under the authorities granted by Congress in the Cybersecurity Act of 2015.CISA reported a breach of the SolarWinds Orion products.
This Emergency Directive called on all federal civilian agencies to review their networks for indicators of compromise and disconnect or power down SolarWinds Orion products immediately.
