CISA ISSUES EMERGENCY DIRECTIVE TO MITIGATE THE COMPROMISE OF SOLARWINDS ORION NETWORK MANAGEMENT PRODUCTS

Homesteading & Country Living Forum


Dani

https://www.cisa.gov/news/2020/12/1...-mitigate-compromise-solarwinds-orion-network
CISA ISSUES EMERGENCY DIRECTIVE TO MITIGATE THE COMPROMISE OF SOLARWINDS ORION NETWORK MANAGEMENT PRODUCTS
Original release date: December 13, 2020 | Last revised: December 14, 2020
WASHINGTON – The Cybersecurity and Infrastructure Security Agency (CISA) tonight issued Emergency Directive 21-01, in response to a known compromise involving SolarWinds Orion products that are currently being exploited by malicious actors. This Emergency Directive calls on all federal civilian agencies to review their networks for indicators of compromise and disconnect or power down SolarWinds Orion products immediately.
“The compromise of SolarWinds’ Orion Network Management Products poses unacceptable risks to the security of federal networks,” said CISA Acting Director Brandon Wales. “Tonight’s directive is intended to mitigate potential compromises within federal civilian networks, and we urge all our partners—in the public and private sectors—to assess their exposure to this compromise and to secure their networks against any exploitation.”
This is the fifth Emergency Directive issued by CISA under the authorities granted by Congress in the Cybersecurity Act of 2015. All agencies operating SolarWinds products should provide a completion report to CISA by 12pm Eastern Standard Time on Monday December 14, 2020.
 
Dominion Voting Systems Uses Firm That Was Hacked

A company that provides voting systems in 28 states uses an Internet technology firm that was hacked.

Dominion Voting Systems uses SolarWinds software, according to a Dominion web page.

SolarWinds does not list Dominion on its partial customer listing but says its products and services are used by more than 300,000 customers around the world, including all five branches of the U.S. military and more than 425 of the U.S. Fortune 500.
 

This is their plausible deniability plan. It's over now. The election is over for Biden, this is their escape plan.
 
SolarWinds are owned by Silver Lake, Silver Lake own a lot of companies. By the way, was U.S. Treasury and Commerce Departments using SolarWinds?

Scroll down to see the list (how many are using SolarWinds)
https://en.wikipedia.org/wiki/Silver_Lake_(investment_firm)

“...services are used by more than 300,000 customers around the world, including all five branches of the U.S. military and more than 425 of the U.S. Fortune 500.”
 

This is the REASON lots of the internet this morning was down for awhile! They were disconnecting from SolarWinds.
 
Google and YouTube crashed globally earlier today according to Downdetector, dunno if hacking was involved.

 
On December 13, 2020, the Washington Post reported that multiple government agencies were breached through SolarWinds's Orion software, "according to three people familiar with the matter..." It was reported, but not confirmed, that APT29, aka Cozy Bear, working for the Russian Foreign Intelligence Service (SVR) was behind the attack.[50] Victims of this attack include the cybersecurity firm FireEye, The US Treasury Department and the US Department of Commerce's National Telecommunications and Information Administration.[51] FireEye reported the hackers inserted "malicious code into legitimate software updates for the Orion software that allow an attacker remote access into the victim’s environment" and that they have found "indications of compromise dating back to the Spring of 2020."

According to Microsoft, an on-premise SAML token signing certificate was compromised. This SAML token was then used to generate other tokens for highly privileged authorized users.[52]

The attack used a backdoor in a SolarWinds library. When an update to SolarWinds occurred, the malicious attack would go unnoticed due to the trusted certificate.[53] The Cybersecurity and Infrastructure Security Agency issued Emergency Directive 21-01, only its fifth in history, in response to the incident.

Also
The CEO Kevin Thompson was slated to leave SolarWinds December 31
 
Regarding Dominion, Dominion has never used the SolarWinds Orion Platform per released statement. The Dominion machines are hooked up to the States network. The intrusion into the Orion Platform has possibly been going on since 2018 if not earlier.


So they say. I saw somewhere yesterday (was it here?) a link that showed that a link to SolarWinds had been removed from Dominion's site, but they left some code referencing it on their page! Oops...
 
It’s looking like this hack was much worse than first realized. It went unnoticed for 6 months and included loads of government agencies. Definitely Russia due to size and sophistication of it. While I don’t think this is a good thing by any means I also am certain that we are doing the same thing to them. As long as people can design a security system there are other people that can design a way around it. I don’t believe there is any completely secure way to protect electronics.
 
Lude Media Interpretation: Pompeo’s Speech Conveys the Important Timeline for Taking Down the CCP

Secretary of State Pompeo’s speech at the Georgia Institute of Technology [1] revealed that the North Atlantic Treaty Organization (NATO) has shifted from a traditional confrontation with Russia to a confrontation with the CCP. The NATO meeting last week spent nearly half of the time discussing how to deal with the CCP. He also addressed that the CCP and Xi Jinping intended to impose their authoritarian model on the United States and the whole world. Although the CCP model itself will eventually collapse, the United States should not just wait, rather it should take actions to protect itself.

The Lude Media commented on this post as follows:

  • The speech by Pompeo is targeted at the CCP. He participated in the NATO meeting last week. NATO has clearly shifted its target from Russia to the CCP. Initially, NATO was founded to confront the challenges of the Soviet Union. Lude Media revealed that Russia will cooperate with NATO and fight against the CCP.
  • In his speech, Pompeo implied that they would take the initiative to fight against the CCP in order to protect the prosperity of the United States. He had persuaded NATO members to join the U.S. to take down the CCP.
 
