To understand why the SolarWinds breach was an act of espionage, and not an act of war, it is worth considering the technical details of the breach. The breach occurred via the Orion IT network management software developed by the Texas company SolarWinds. That tool was and remains widely deployed in U.S. To keep the more than 300,000 customers that use Orion on the latest version, SolarWinds would occasionally push out an update that client machines would receive and install. The server that held the updated software was compromised when Russian hackers found a hole in SolarWinds' network security, pivoted to the update server through the network, broke into that server, added a vulnerability to the patch pushed to customers, and recompiled the update to look innocent.
The updated software contained a backdoor that permitted Russian eavesdropping on every computer that contained the Orion software. When customers downloaded legitimate fixes from SolarWinds, they got a Russian wiretap along with it.
SolarWinds appears to have made it easy for the attacker to breach their supply chain. One SolarWinds server with administrative power over other company computers was protected with the password “solarwinds123.” A password this simple (the company name and a few predictable additional bits like “123”) is part of any standard hostile password cracking attack.
It would be something that the most junior of internal red team or penetration testers would do as part of a standard information security audit. Such a password is a hint that an attack would find poor security practices in many other places, perhaps enough to compromise the entire system. Kevin Thompson, the former CEO of SolarWinds, recently claimed that an intern had set this password years ago, but he offered little introspection as to why a single intern had that kind of security access to company production servers in the first place.
SolarWinds failed to lock the doors to the dairy, and anyone passing by could see it.
But this breach was no black swan event and happens everywhere, in all tech and security companies. The problem is not that the general public is unaware but that the companies themselves do not know it. But that does not make the Russian espionage operation targeting SolarWinds a cyberattack. It’s easy for people to mix up cyberespionage and cyberwarfare. Cyberwarfare is the use of computers to conduct an operation that is intended to have a kinetic effect, whether that is shutting down power grids, crashing airplanes, denying access to critical communications, attacking military infrastructure, or interrupting hospital operations. It is deception and destruction on foreign shores. When it targets civilians and especially health facilities, cyberwarfare can be a war crime. If there is deception and destruction on foreign shores, these acts belong under the laws of war. Cyberespionage, on the other hand, is the act of a government listening in on the activities of foreign computers, just like in-person espionage might involve listening at hotel keyholes or telephone espionage might be a silent third listener on a phone call. To the best of my ability to tell, SolarWinds did not do one dollar of physical damage to any computer system, nor did a single human so much as break a fingernail, and, as a result, this operation was an act of cyberespionage. The sheer abundance of embarrassment at the extent of the SolarWinds breach does not make a wiretap an act of war, nor does calling this event a cyberattack make it one. As the country begins to heal from the last four years of “alternative facts,” we must return to calling things by their correct names. Under the Tallinn Manual 2.0, which is the description of the laws of war in cyberspace put out by NATO’s Cooperative Cyber Defence Centre of Excellence, we know that this kind of espionage operation is not an active attempt to change or engage in deception/destruction on a local level.