Treasury, Commerce departments hacked. Pentagon, NASA are also compromised. This is an ongoing investigation, and I will be updating. DHS once again asleep at the wheel. @realDonaldTrump needs to purge the department heads, they are worthless.
Hackers broke into the networks of the Treasury and Commerce departments as part of a global cyber espionage campaign.
They accessed those networks by slipping malware into a SolarWinds software update, according to the global cybersecurity firm FireEye, which was also compromised.
FireEye is another one of these government contractors that our intel farms out, which is insane as far as I'm concerned. CIA asleep at the wheel as well. This is why we need the Military in charge of our intel, and stop farming out security of our country.
FireEye is a publicly traded cybersecurity company headquartered in Milpitas, California founded by a Pakistani named Ashar Aziz. You'd think we'd learn our lesson about this, but we never do.
The first phases of this monthslong cyberespionage campaign started likely this spring. The malware gave the hackers remote access to the victims’ networks. MONTHS!!!! Now eight months later we get this! https://twitter.com/CISAgov/status/1338348931571445762?s=20
So last night the CISA issues a warning for everyone to get out of SolarWinds, so after months of knowing they were compromised FireEye says hey you might want to issue a red alert. GEEZ YA THINK! https://www.cisa.gov/news/2020/12/13/cisa-issues-emergency-directive-mitigate-compromise-solarwinds-orion-network
The FBI & the DHS’s cybersecurity arm are investigating what experts and former officials said appeared to be a large-scale penetration of US government agencies. Industry experts said "it bore the hallmarks of Russian tradecraft." GMAFB Russia Russia Russia.
Guess who is saying it's Russia AGAIN?

“This can turn into one of the most impactful espionage campaigns on record,” said cybersecurity expert Dmitri Alperovitch.

That's right CrowdStrike's Dmitri Alperovitch, here we go again.
After we know this bastard lied his ass off on the DNC hack given the revelations of @Ty_Clevenger's discovery of Seth Rich being the DNC leak not the damn Russians, and here we have CrowdStrike in the middle of this.
The hacks were discovered less than a week after FireEye realized that foreign government hackers had broken into its network and stolen the company’s own hacking tools. That's right, back in April they stole the hacking tools from the hacking security company.
You cannot make this shit up. I smell a rat and it's going to come back to this election mark my words, even if it's nothing more than a distraction to cover the tracks of SmartMatic/Dominion.
Now the so-called "experts" suspect Russia is responsible again. Why not China? I can't believe they are taking Dmitri Alperovitch's word for a damn thing. And FireEye’s customers include federal, state and local governments and top global corporations.
And just yesterday the CISA issues a red alert to back out of SolarWinds. I hope Johnny @DNI_Ratcliffe is taking over this and getting Dmitri Alperovitch as far away from this investigation as possible.
So the apparent conduit for the Treasury and Commerce Department hacks and the FireEye compromise is a hugely popular piece of server software called SolarWinds. It is used by hundreds of thousands of organizations globally.
SolarWinds is headquartered in Austin TX with offices just off of Southwest Parkway in Southwest Austin. So this is close to home for me and there are teams from the Texas Rangers and FBI on location working this closely.
Once again this malware gave the hackers "remote access" to all victims’ networks, so this could be being accessed for months from anywhere in the world.
SolarWinds is officially saying shit like “potential vulnerability” was related to updates released between March and June for software that helps organizations monitor their online networks for problems. https://twitter.com/solarwinds/status/1338325699300651018
Well “potential vulnerability” is mincing words, because they are hacked and their entire job is to prevent hacking. What a clown show.
“We believe that this vulnerability is the result of a highly-sophisticated, targeted and manual supply chain attack by a nation state,” - SolarWinds CEO Kevin Thompson in his official statement.
The compromise is critical because SolarWinds would give a hacker “God-mode” access to the network, making everything visible, according to the Cyber Guy I talked to. They have had Carte Blanche access to all these depts.
Now FireEye said it had notified “multiple organizations” globally where it saw indications of compromise. It said that the hacks did not seed self-propagating malware, like the 2016 NotPetya malware ALSO blamed on Russia!
That 2016 hack caused more than $10 billion in damage globally and that level of actual infiltration of an infected organization required meticulous planning and manual interaction. Why the hell these idiots keep immediately pointing at Russia and ignoring China is BULLSHIT!
The US government did not publicly identify Russia as the culprit behind this hack, and said little about who might be responsible. It's these so-called cybersecurity experts, cough cough Dmitri Alperovitch, who said they considered Russian state hackers to be the main suspect.
Trump's National Security Council spokesperson John Ullyot said in his statement that the government was “taking all necessary steps to identify and remedy any possible issues related to this situation.” Typical canned answer.
If you go look at the website, SolarWinds says it has 300,000 customers worldwide, including all five branches of the US military, the Pentagon, the State Department, NASA, the NSA, the Department of Justice and the White House.
This is serious shit because their website also says the 10 leading US telecommunications companies and top five US accounting firms are also among customers. We are wide fucking open.
CISA said it was working with other agencies to help “identify and mitigate any potential compromises.”
Remember @realDonaldTrump last month fired the director of CISA, Chris Krebs, after Krebs vouched for the integrity of the presidential election and he disputed the widespread electoral fraud every one of us can see.
Of course this hack Krebs had to Tweet “hacks of this type take exceptional tradecraft and time,” adding that he believed that its impact was only beginning to be understood. https://twitter.com/C_C_Krebs/status/1338249463949893634
https://twitter.com/C_C_Krebs/status/1338269670206550016
https://twitter.com/C_C_Krebs/status/1338271894416601088
https://twitter.com/C_C_Krebs/status/1338277665950867457
https://twitter.com/C_C_Krebs/status/1338349115596566528
https://twitter.com/C_C_Krebs/status/1338349331980705793
Well guess what you "Most secure election in history" hack, this happened months ago on your watch, and while you're resisting the @POTUS they were hacking into everything, you mutt.
I suspect that there’s a number of other federal agencies we’re going to hear from this week that have also been hit. Mark my words, this was a gatekeeper level hack and this clown show at the CISA is clueless.
If you want a reason for Executive order 13848 here you go.
https://www.solarwinds.com/company/customers

More than 425 of the US Fortune 500
All ten of the top ten US telecommunications companies
All five branches of the US Military
The US Pentagon, State Department, NASA, NSA, USPS, NOAA, DOJ, and the White House
All five of the top five US accounting firms
In the words of Jim Lovell

"Houston we have a problem"
SolarWinds' main funding comes from Austin Ventures, Bain Capital, and Insight Venture Partners. There is a lot to look at there.
I'm betting Dominion Voting Systems uses SolarWinds but have heard not a peep from that end.
My followers are quick on the trigger thanks
You can follow @RoscoeBDavis1.