Drama SolarWinds it just won’t stop. It’s a story about Russian hackers – and potentially Chinese hackers – about alleged email espionage and a hole in security vulnerabilities that seems to get worse as more details emerge. Now, we can add another twist to the story: the insecure password of laughter “solarwinds123”. In the latter case, SolarWinds would like you to know that it was the trainee’s fault.
In a joint hearing on Friday, former SolarWinds CEO Kevin Thompson told representatives from Internal Oversight and Internal Security Committees that the password “solarwinds123”, which protected a server at the company, was “linked to a mistake made by an intern and they violated our password policies”. Thompson he explained MPs that the trainee posted the password on his own private GitHub account.
“As soon as it was identified and brought to the attention of my security team, they took it down,” Thompson said.
The password security issue dates back to at least 2018, although the testimony offered by SolarWinds on Friday indicates that it could go even further. In December, security researcher Vinoth Kumar told Reuters that warned SolarWinds that anyone can access their update server using “solarwinds123”. CNN reported that the password has been accessible online since at least June 2018.
G / O Media may receive a commission
However, at the meeting, Sudhakar Ramakrishna, the current CEO of SolarWinds, told lawmakers that the password “solarwinds123” was used on one of the trainee’s servers in 2017.
Conformable CNN, Kumar told SolarWinds that the password allowed him to connect and upload files to his server. This was a way for any hacker to upload malicious programs onto SolarWinds, the researcher said.
“I have a stronger password than ‘solarwinds123’ to keep my kids from watching too much YouTube on their iPad,” California Democrat Katie Porter told SolarWinds officials at the meeting.
At this point, however, it is still uncertain whether the password leak played a role in the SolarWinds hack, CNN said, which is believed to be the largest foreign intrusion campaign in US history. This month, White House National Security Adviser Anne Neuberger said about 100 different companies and nine federal agencies, including the one overseeing the country. nuclear weapons, had been compromised by foreign hackers.
The government is currently investigating the hack and it is still unclear what data hackers could have access to. The investigation is expected to take several months. Kevin Mandia, CEO of FireEye, the cybersecurity company that discovered the hack, said we may never know the purpose of the attack.
“The bottom line: we may never know the full range and extent of the damage, and we may never know the full range and extent of how stolen information benefits an adversary,” Mandia said.
However, we know one of the causes of the attack: an unnamed poor inmate who SolarWinds threw under the bus.