The SolarWinds drama just won’t stop. It’s a story of Russian hackers (and potentially Chinese hackers), alleged email spies, and a gaping hole of security vulnerabilities that seems to get worse as more details emerge. Now we can add another twist to the story: the laughably insecure password “solarwinds123”. In this latest case, SolarWinds would like you to know that it was the intern’s fault.
At a joint hearing on Friday, former SolarWinds CEO Kevin Thompson told representatives of the House Oversight and Homeland Security Committees that the “solarwinds123” password, which protected a company server, was “related to an error committed by an intern and violating our password policies.” Thompson explained to lawmakers that the intern had posted the password to their own private GitHub account.
“As soon as it was identified and brought to the attention of my security team, they ended it,” Thompson said.
The password security issue dates back at least to 2018, though SolarWinds’ testimony on Friday indicates it could go back even further. In December, security researcher Vinoth Kumar told Reuters that he had warned SolarWinds that anyone could access their update server via “solarwinds123”. CNN reported that the password had been available online since at least June 2018.
However, at the hearing, Sudhakar Ramakrishna, current CEO of SolarWinds, told lawmakers that the password “solarwinds123” was used on one of the intern’s servers in 2017.
According to CNN, Kumar showed SolarWinds that the password allowed him to log in and deposit files on the server. This was a way for any hacker to upload malicious programs to SolarWinds, the researcher said.
“I have a stronger password than ‘solarwinds123’ to prevent my kids from watching too much YouTube on their iPad,” Rep. Katie Porter, a California Democrat, told SolarWinds.
At this point, however, it is not yet known if the password leak played a role in the SolarWinds hack, which is believed to be the largest foreign intrusion campaign in US history, CNN noted. This month, White House National Security Minister Anne Neuberger stated that approximately 100 different companies and nine federal agencies, including the one overseeing the country’s nuclear weapons, had been compromised by foreign hackers.
The government is currently investigating the hack, and it is not yet clear what the hackers could have had access to. The investigation is expected to last several months. Kevin Mandia, CEO of FireEye, the cybersecurity company that discovered the hack, said we may never know the extent of the attack.
“The end result: we may never know the full scope and extent of the damage, and we may never know the full scope and scope of how the stolen information is benefiting an opponent,” Mandia said.
Still, we know one of the causes of the attack: a poor unnamed intern whom SolarWinds threw under the bus.