Few steps are needed to turn this access into an effective cyberweapon. Gathering information was more important in this case, but also probably triggered the investigation. What will we call the next latent access mechanism? https://twitter.com/RidT/status/1338537697560965120
The US has decided this wasn't an attack so it isn't. https://twitter.com/pwnallthethings/status/1338570810739527681?s=19
Although "one official" does. I guess we'll never know... https://twitter.com/ericgeller/status/1338675792839139328?s=19
Another vote for attack, but no, you know, violence, to back it up. Is it really a cyberwar if you're not cyberfighting? https://twitter.com/Angry_Staffer/status/1338490932648419331?s=19
@kimzetter doesn't know but wants you to decide! https://twitter.com/KimZetter/status/1338558312279724032?s=19
@alexstamos comes in hard on the side of cyberviolence. Theft is an attack even if you didn't notice it! https://twitter.com/alexstamos/status/1338563258488262656?s=19
FireEye. The same - and not the same, who lost their redteam tools, three days and a thousand years ago, said it was an attack. An attack! https://www.fireeye.com/blog/products-and-services/2020/12/fireeye-shares-details-of-recent-cyber-attack-actions-to-protect-community.html
NCSC feels attacked by the attacker that attacks and thinks you should too https://www.ncsc.gov.uk/guidance/dealing-with-the-solarwinds-orion-compromise
DNI not even slightly attacked in this "campaign" / "cyber incident" / "compromise" of exposed networks by "threat actors" and would love to hear of any "suspicious or criminal activity". Expect toothless indictments in a year or so. https://www.dni.gov/index.php/newsroom/press-releases/item/2175-joint-statement-by-the-federal-bureau-of-investigation-fbi-the-cybersecurity-and-infrastructure-security-agency-cisa-and-the-office-of-the-director-of-national-intelligence-odni
NY Times thinks this "espionage attack" and "Giant Russian Hack" shows that cyberoffensive forward defense is a false deterrent. Unmix those metaphors if you dare! https://www.nytimes.com/2020/12/16/us/politics/russia-hack-putin-trump-biden.html#click=https://t.co/xrLtGi8dJ1
Norms are obviously a waste of time (because, you know, Russia+2020), but @sangerNYT notes that we will attack and you don't (want to know what we'd call) that https://twitter.com/SangerNYT/status/1339462419383508997?s=19
CISA being ever so careful to call this an intrusion or compromise
https://us-cert.cisa.gov/ncas/alerts/aa20-352a
but NYTimes perfectly happy to read this as a spiraling attack and a latent cyberweapon https://www.nytimes.com/2020/12/17/us/politics/russia-cyber-hack-trump.html#click=https://t.co/SBIvg0NxHQ
https://us-cert.cisa.gov/ncas/alerts/aa20-352a
but NYTimes perfectly happy to read this as a spiraling attack and a latent cyberweapon https://www.nytimes.com/2020/12/17/us/politics/russia-cyber-hack-trump.html#click=https://t.co/SBIvg0NxHQ
Disinformation remains a scourge but in this case I don't think the Russians blew their own access, especially given how hard they tried to evade monitoring tools. The state sponsored shitposting will come later. https://twitter.com/mollywood/status/1339679184562503681?s=19
Reuters goes with half hackers half attackers, even in a paragraph misparaphrasing CISA. https://mobile.reuters.com/article/amp/idUSKBN28R2ZJ?il=0&__twitter_impression=true
Microsoft calls it a cyberassault that goes beyond the responsible boundaries of espionage. Also calls out western hubris and decries hack-for-hire groups. Sadly raging against attackers won't make them go away... https://blogs.microsoft.com/on-the-issues/2020/12/17/cyberattacks-cybersecurity-solarwinds-fireeye/
The US government seems to be sticking to its own doctrine but no one else got the memo https://twitter.com/RidT/status/1339953095892197376?s=19
Good thread. We know this was espionage because we saw emails being read. The access was an afternoon and an authorization away from being an solid cyberweapon. Imagine if Iran deleted everyone's solarwinds configs in response to a missile attack. https://twitter.com/BuchananBen/status/1340016979961327616?s=19