1) $SWI Russian hackers broke into SolarWinds-based software to enter governmental agencies, infrastructure backbone, and thousands of corporations. Malware loaded into some computers. $SWI closed @ $23.55 two Fridays ago. This Friday @ $14.18. That's a 39.79% drop in five days.
2) With each passing day the news worsens about this hack. This is setting off alarms everywhere, but will favor (just like COVID) other cyber-security companies who have their act together.
We won't know the damage "for weeks" about nuclear secrets. https://www.politico.com/news/2020/12/17/nuclear-agency-hacked-officials-inform-congress-447855
3) "John Dickson of the security firm Denim Group said many private sector firms which could be vulnerable are scrambling to shore up security, even to the point of considering rebuilding servers and other equipment." https://news.yahoo.com/massive-cyberattack-grows-beyond-us-160222029.html
4) More from the same link: "Everyone is in damage assessment now because it's so big," Dickson said. "It's a severe body blow to confidence both in government and critical infrastructure."
5) "Analysts have said the attacks pose threats to national security by infiltrating key government systems, while also creating risks for controls of key infrastructure systems such as electric power grids and other utilities."
6) "SolarWinds said up to 18,000 customers, including government agencies and Fortune 500 companies, had downloaded compromised software updates, allowing hackers to spy on email exchanges.
Russia has denied involvement."
7) "A Trump administration official tells Axios that the cyberattack on the U.S. government and corporate America, apparently by Russia, is looking worse by the day — and secrets may still be being stolen in ways not yet discovered." https://www.axios.com/solarflares-russia-hack-agencies-0a21d7e4-9fcf-4f6d-b86c-f903d155dd9d.html
8) From Axios link above: "The hack is known to have breached the departments of Defense, State, Homeland Security, Treasury, Commerce, and Energy and its National Nuclear Security Administration — plus the National Institutes of Health."
9) "In unusually vivid language for a bureaucracy, the U.S. Cybersecurity and Infrastructure Security Agency, part of Homeland Security, said yesterday that the intruder "demonstrated sophistication and complex tradecraft."
10) "The agency said the breach "poses a grave risk to the Federal Government and state, local, tribal, and territorial governments as well as critical infrastructure entities and other private sector organizations."
11) "If this had been a physical attack on America's secrets, we could be at war."
"Sen. Chris Coons (D-Del.) told Andrea Mitchell on MSNBC: "It's pretty hard to distinguish this from an act of aggression that rises to the level of an attack that qualifies as war. ... "
12) Coons again: "[T]his is as destructive and broad scale an engagement with our military systems, our intelligence systems as has happened in my lifetime."
13) Senator Mitt Romney (R-UT) likened the cyberattack to a situation in which "Russian bombers have been repeatedly flying undetected over our entire country."
(from the previous Yahoo link upthread.)
14) A story about American hubris:
"Speaking at a private dinner for tech security executives at the St. Regis Hotel in San Francisco in late February, America’s cyber defense chief boasted how well his organizations protect the country from spies." https://www.reuters.com/article/global-cyber-usa-idUSKBN28T0Y1
15) "U.S. teams were “understanding the adversary better than the adversary understands themselves,” said General Paul Nakasone, boss of the National Security Agency (NSA) and U.S. Cyber Command, according to a Reuters reporter present at the Feb. 26 dinner."
16) "Yet even as he spoke, hackers were embedding malicious code into the network of a Texas software company called SolarWinds Corp, according to a timeline published by Microsoft and more than a dozen government and corporate cyber researchers."
17) "A little over three weeks after that dinner, the hackers began a sweeping intelligence operation that has penetrated the heart of America’s government and numerous corporations and other institutions around the world."
18) https://www.wsj.com/articles/suspected-russian-cyberattack-began-with-a-little-known-but-ubiquitous-software-company-11608036495
The widespread and monthslong hack of the U.S. government and some of America’s biggest corporations was enabled by an unlikely source: a little-known Austin, Texas, software company called SolarWinds Corp. $SWI ...
19) WSJ link: "Security investigators say the company that boasts more than 400 of the Fortune 500 corporations and many government agencies as clients provided the perfect delivery mechanism for a carefully executed intrusion attributed to Russia’s foreign-intelligence service."
20) "A SolarWinds spokesman said the company is working with FireEye Inc., $FEYE a major U.S.-based cybersecurity firm, and the intelligence community and law enforcement on an investigation."
21) "FireEye, which was one of the victims of the incident, said last week the hackers stole a suite of hacking software that it employed to test the security of its customers."
22) Final link blew my mind with SolarWinds' password. Also, there was news, as far back as 2017, that SolarWinds was compromised. Following highlights from this link: https://www.reuters.com/article/global-cyber-solarwinds/hackers-at-center-of-sprawling-spy-campaign-turned-solarwinds-dominance-against-it-idUSKBN28P2N8
23) "In one previously unreported issue, multiple criminals have offered to sell access to SolarWinds’ computers through underground forums, according to two researchers who separately had access to those forums."
24) "One of those offering claimed access over the Exploit forum in 2017 was known as “fxmsp” and is wanted by the FBI “for involvement in several high-profile incidents,” said Mark Arena, chief executive of cybercrime intelligence firm Intel471."
25) " . . . Arena informed his company’s clients, which include U.S. law enforcement agencies.
Security researcher Vinoth Kumar told Reuters that, last year, he alerted the company that anyone could access SolarWinds’ update server by using the password “solarwinds123”."
26) “This could have been done by any attacker, easily,” Kumar said.
27 - Finito) Daily Chart of $SWI
28) $SWI https://www.bloomberg.com/news/articles/2020-12-21/solarwinds-adviser-warned-of-lax-security-years-before-hack
29) An endorsement for $CRWD, a bear case for $FEYE, all in one act from the "new" $SWI: https://twitter.com/SeifelCapital/status/1341879139549278208