Solar wind drama Just won’t stop. This is a story about Russian hackers and spy emails that may be Chinese hackers, and as more details emerge, the gap in security breaches seems to be getting worse. Now, we can add another variant to this story: the ridiculously insecure password “solarwinds123”. In this last case, SolarWinds wants you to know that this is the intern’s fault.
At a joint hearing on Friday, the former CEO of SolarWinds, Kevin Thompson, told Housing Supervision and Homeland Security Commission The “solarwinds123” password that protects the company’s server “is related to a mistake made by the intern and violates our password policy.” Thompson explained Tell lawmakers that the interns have posted their passwords on their private GitHub accounts.
Thompson said: “Once it was discovered and brought to the attention of my security team, they deleted it.”
The password security issue can be traced back to at least 2018, although the testimony provided by SolarWinds on Friday indicates that it can be traced even longer. In December, security researcher Vinoth Kumar Tell Reuters He warned SolarWinds that anyone can use “solarwinds123” to access its update server.CNN Reported The password can be accessed online at least from June 2018.
However, during the hearing, Sudhakar Ramakrishna, the current CEO of SolarWinds, told MPs that the “solarwinds123” password was used on one of the interns’ servers in 2017.
according to CNN, Kumar shows to SolarWinds that the password allows him to log in and store files on its server. Researchers say this is a way for any hacker to upload malicious programs to SolarWinds.
California Democrat Rep. Katie Porter told Solard at the hearing: “I have a stronger password than’solarwinds123′, which prevents my kids from watching too many YouTube programs on the iPad.”
CNN pointed out that even at this point, whether the password leak played a role in the SolarWinds hack is still uncertain. The largest foreign invasion movement In American history. This month, the White House national security adviser Anne Neuberger stated that there are about 100 different companies and 9 federal agencies, including companies that oversee institutions in the country. Nuclear weapons, Has been hacked by foreign hackers.
The government is currently investigating hacking, Still not clear What data hackers can access. The investigation is expected to take several months. Kevin Mandia, CEO of cyber security company FireEye Hacker found, Once said that we may never know the scope of the attack.
“The most important thing is: we may never know the scope and extent of the loss, and we may never know how the information stolen will benefit the opponent.” Mandia said.
Nevertheless, we do know one of the reasons for the attack: SolarWinds dropped an intern who asked not to be named.