قالب وردپرس درنا توس
Home / Business / The former CEO of SolarWinds blames the interns for the “solarwinds123” password leak

The former CEO of SolarWinds blames the interns for the “solarwinds123” password leak



The problematic password “solarwinds123” was discovered on the public Internet in 2019 by an independent security researcher who warned the company that the vulnerability had exposed the SolarWinds file server.

During a joint hearing between the U.S. Housing Supervision Commission and the Homeland Security Council, several U.S. congressmen grabbed the code at SolarWinds on Friday.

Rep. Katie Porter said: “I have a stronger password than’solarwinds123′, which prevents my kids from watching too much YouTube on the iPad.” “You and your company should block Russians Read the email from the Department of Defense!”

Microsoft President Brad Smith also testified at Friday̵

7;s hearing. He later said that there was no evidence that the Pentagon was actually affected by Russian espionage. Microsoft is one of the companies leading the forensic investigation of hacking activities.

Smith said to Porter: “As far as I know, there is no sign that the Department of Defense has been attacked.”

Microsoft told members of Congress that Russia has

SolarWinds representatives told members of Congress on Friday that once a password issue is reported, it will be corrected within a few days.

However, it is not clear what role (if any) the leaked password played in enabling suspicious Russian hackers to monitor multiple federal agencies and businesses in one of the worst security breaches in U.S. history.

Theft of credentials is one of the three possible attack vectors SolarWinds is investigating because it is trying to discover how it was initially hacked. These hackers continue to hide malicious code in software updates, which are then pushed by SolarWinds to include Approximately 18,000 customers including many federal agencies.

SolarWinds CEO Sudhakar Ramakrishna said that SolarWinds is exploring other theories, including brute force guessing of company passwords and the possibility that hackers may enter through infected third-party software.

The former CEO of SolarWinds, Kevin Thompson, said in front of Congressman Rashida Tlaib that the password issue was “a mistake made by an intern.”

Thompson said: “They violated our password policy and posted the password on their private Github account.” “Once it was discovered and brought to the attention of my security team, they took it down.”

Neither Thompson nor Ramakrishna explained to lawmakers why the company’s technology allowed the use of such passwords in the first place.

Ramakrishna later proved that the password was used as early as 2017.

Ramakrishna told Porter: “I believe this is a password used by an intern on one of his Github servers in 2017. The password was reported to our security team and was immediately deleted.”

This time period is much longer than the reported time. Vinoth Kumar, the researcher who discovered the leaked password, previously told CNN that the password will be accessible online at least since June 2018 until the company corrects the problem in November 2019.

The email between Kumar and SolarWinds indicated that the leaked password allowed Kumar to log in and successfully store the file on the company’s server. Kumar uses this strategy to warn the company that any hacker can upload malicious programs to SolarWinds.

At the hearing, FireEye CEO Kevin Mandia (Kevin Mandia) said that it may not be possible to completely determine how much damage the suspicious Russian hacking activities have caused.

“The most important thing is: we may never know the scope and extent of the loss, and we may never know how the information stolen will benefit the opponent.” Mandia testified.

Mandia said that in order to conduct damage assessments, officials must not only classify and catalog the data they access, but they must also imagine all the ways that foreign actors can use and abuse the data. This is a daunting task.


Source link