DHS, State, and NIH join list of 5 (and counting) federal agencies confirmed hacked in massive Russian cyberespionage campaign

Originally published at: https://boingboing.net/2020/12/14/dhs-state-and-nih-join-list-of-5-and-counting-federal-agencies-confirmed-hacked-in-massive-russian-cyberespionage-campaign.html


Makes sense, get your big hacks in now before the adults take over in January.


Hey BBS legal pedants!

Are we at “Treason” yet?


Weird how Donald Trump has said nothing about this massive and growing hack of the United States government, right?

Huh, yeah, that’s reeeaaaalllll mysterious, all right.

One has to wonder just how far Trump is going to help Putin. Whether it goes beyond ignoring what he’s doing and creating favorable policies, and actually extends to slipping Russia information that compromises US security…


I know, I know. It’s a total mystery. Just like how Trump has never said a thing about the Russian bounty on US troops. Nor has he ever said an unkind word about Vladimir Putin, even as Trump has managed to take issue with the most innocuous of nations, Canada and New Zealand. So weird :thinking:


I remember way back when the number one shibboleth for Republicans was hatred for the Soviet Union and communist leaders: “Better dead than Red!”

Now the GOP goes around in little red hats and has nothing but praise for their own Putin-lovin’ Autocrat. It’s almost as if the GOP never actually had any real principles other than staying in power… Almost :-/

("‘Almost’. You keep using that word. I do not think it means what you think it means what you think it means.")


I am familiar with SolarWinds and used them for a while in a previous role. It doesn’t really surprise me because this type of software has become rather embedded in most organizations and typically runs with elevated root privileges. I can see how a targeted hack can easily exploit the inherited trust level that a system management platform has to infiltrate and traverse a network.


The American right seems to have understood before liberals did that Putin’s Russia was socially and religiously conservative, and therefore admirable to the right, although it is still larded with enough Soviet nostalgia and remnants of socialist society to confuse people.


Somebody check Mnuchin’s bank account balance.


Having been through this recently, they have my sympathy.

Cleaning up and securing the entire environment is shitty and slow, and unfortunately it needs to be done before they can start restoring.


“Analysts said it was hard to know which was worse: that the government was blindsided again by Russian intelligence agencies, or that when it was evident what was happening, White House officials said nothing.

But this much is clear: While President Donald Trump was complaining about the hack that wasn’t — the supposed manipulation of votes in an election he had lost — he was silent on the fact that Russians were hacking the building next door to him: the U.S. Treasury.”

With so many traitors in US orbit right now it’s easy to see how they might just be giving it all away while nobody was looking.


With proper use of a firewall providing DNS filtering, the scheme fails because it won’t allow the Orion server to contact a command and control server.

My employer makes use of SolarWinds but had not deployed Orion yet and this was a vital topic of discussion in yesterday morning’s meetings.


White supremacists also like Putin’s Russia as an anti-Muslim and anti-Semitic and anti-LGBTQ country. Vlad offers something for almost every type of modern American conservative.


Anything to shave off a few hundred mill that he owes the oligarchs so he doesn’t get the polonium treatment.


Why should Trump care? It ain’t his government anymore.

Even the COVID vaccine rollout is deliberately being hamstrung so the money runs out right when Biden takes the oath.

“Burn it all down.”

[I still think there’s a possibility Trump will try one last crazy effort to stay in power, literally a coup attempt using the military or something.]


But what specifically are we looking for? He already had all the fractional cents left over from every transaction the Treasury makes.


We’re not saying this is how SolarWinds was backdoored, but its FTP password ‘leaked on GitHub in plaintext’

SolarWinds, the maker of the Orion network management software that was subverted to distribute backdoored updates that led to the compromise of multiple US government bodies, was apparently told last year that credentials for its software update server had been exposed in a public GitHub repo.

Vinoth Kumar, a security researcher, claimed on Tuesday he had made such a report to SolarWinds last November, warning that it could be used to upload files to the server. The password he said he found, in plaintext for all to see, is a textbook example of a weak password that never should have been allowed.


Reuters reports that multiple criminals on underground forums had offered to sell access to SolarWinds’ computers.


While I find biometric IDs creepy and intrusive, the fact that even IT professionals choose such idiotic passwords for sensitive accounts tells me that they’re inevitable replacements for credentials as they exist.

Not really. Because they will use biometrics not only as ID, but also as passwords.
But then again fingers grow back, right?