Russian hack

[BetCheckBet]

Came here to read sonatines take and sadly don’t see anything. What’s going on and how freaked out should we be?

[dwai]

considering you're Canadian, I wouldn't worry, fag

[sonatine]

so let me put it like this.

the backdoor has a command/control function that performs a DNS lookup and depending on the response, will either execute or self destruct.

meaning cozy bear had so many networks compromised, their top priority was weeding out low-value targets.

the good news is that a lot of networks have their most sensitive data behind several layers of controls. like honestly i doubt they got very far into the department of energys network. CIA has all their heavy classified shit on like, a totally isolated network as well, same with NSA. so its just not super likely they managed to jump in to those network segments.

however.

there was a briefing today and the one comment presented when it was done was 'this was much worse than people know'.

so yeah i mean, when i see people saying this is the single worst act of espionage in the history of our nation, i have to say they might not be lying.

[sonatine]

also the only reason this got rumbled was fireeye chasing down their breach.

if not for them, this could have gone on for years.

which calls into question; how the fuck did no one find this backdoor until fireeye?

[sonatine]

ill post more info as i get it, im particularly curious about the timeline on the compromise of the build server at solarwinds, and to what extent the microsoft hack was utilized as well.

[Rick Sanchez]

Trump moved cyber security budget to pay for his wall before major hacking assault

https://www.independent.co.uk/news/w...-b1776007.html

Wow, where have I heard this story before? Something about dismantling a pandemic response team in 2018...

Who was it on this forum who keeps saying stuff like "He may not act like a perfect gentleman, but he's good on policy and that's why I vote for him"

[dwai]

Trump moved cyber security budget to pay for his wall before major hacking assault

https://www.independent.co.uk/news/w...-b1776007.html

Wow, where have I heard this story before? Something about dismantling a pandemic response team in 2018...

Who was it on this forum who keeps saying stuff like "He may not act like a perfect gentleman, but he's good on policy and that's why I vote for him"

[Walter Sobchak]

Like the pandemic, it's not originally Orange Cuck's fault but he made it worse with incompetence.

Maybe there's a reason money is allocated to things like cybersecurity and it should not be just shifted over to the wall without thinking through the consequences.

Ironically the Russians have done more damage without setting foot in the country than all the Mexicans who would be stopped by a wall.

[Rick Sanchez]

I'm sure sonatine and Druff understand this better than most: when safeguards are working, nobody notices. You only notice when a lack of security leads to failure.

This happens all the times in companies with incompetent management. "Why am I paying all these IT people? They're not producing anything!"

So you cut corners until something catastrophic happens, then you close the barn door with the horses already out.

[sonatine]

literally said this to my therapist yesterday, re employment anxiety;


'when no one breaks into your network, they wonder why they are paying you. and when someone breaks into your network, they wonder why they are paying you.'

[Sanlmar]

literally said this to my therapist yesterday, re employment anxiety;


'when no one breaks into your network, they wonder why they are paying you. and when someone breaks into your network, they wonder why they are paying you.'

I was a contractor walking through TJX Framingham IT just after their hack. One of the first big breaches. They were simultaneously stars and bums.

They were pretty clueless on the hardware side.

[sonatine]

speaking of hardware, people are seriously contemplating the need to physically replace routers / switches / etc.

like there is real concern that they are literally burrowed in that deep to the infrastructure.

[sonatine]

in before they find out cisco was popped too.

[sonatine]

i swear to fucking god, i just tabbed to a war room and saw this:

"Cisco is committed to transparency. Following the announcement of the SolarWinds Orion Platform software attack, the Cisco Security team immediately began our established incident response processes to address the issue quickly and thoroughly. While Cisco does not use SolarWinds Orion for its enterprise network management or monitoring, we have identified and mitigated affected software in a small number of lab environments and a limited number of employee endpoints. At this time, there is no known impact to Cisco offers or products. We continue to investigate all aspects of this evolving situation with the highest priority." – Cisco Spokesperson

[Dan Druff]

Came here to read sonatines take and sadly don’t see anything. What’s going on and how freaked out should we be?

You scared me. With the threat title, I thought the Russians got into PFA again.

[sonatine]

Embedded Tweet

https://twitter.com/twt/status/1339168187619790848

cool cool


someone should get krebs on this oh right trump fired him for refusing to pretend the election was compromised.

[Walter Sobchak]

speaking of hardware, people are seriously contemplating the need to physically replace routers / switches / etc.

like there is real concern that they are literally burrowed in that deep to the infrastructure.

And if the equipment is Huawei, you know it is reporting everything back to the Chinese government, or at least is capable of doing so on demand from the CCP. The anti-Huawei campaign is one of the few things Trump has done that I approve of, though even that hasn't been done very well.

[Walter Sobchak]

Embedded Tweet

https://twitter.com/twt/status/1339168187619790848

cool cool


someone should get krebs on this oh right trump fired him for refusing to pretend the election was compromised.

I see Cam City in there. Looks like someone got a free strip show.

[desertrunner]

Well, atleast we know it wasnt this guy...

[Dan Druff]

I'm sure sonatine and Druff understand this better than most: when safeguards are working, nobody notices. You only notice when a lack of security leads to failure.

This happens all the times in companies with incompetent management. "Why am I paying all these IT people? They're not producing anything!"

So you cut corners until something catastrophic happens, then you close the barn door with the horses already out.

I've been saying this for years about election fraud, though, and the left has laughed at me.

I say, "Don't leave gaping holes in election security, including many which are difficult/impossible to detect when breaches occur, and then state 'There's no evidence we have a voter fraud problem.' That's not how security is supposed to work."

Yet we still have many on the left who feel that, until we have a proven major incidence of voter fraud, it's fine for security to be weak. Because racism or something.

Regarding this particular hack, I don't think that budgetary cuts for cybersecurity are/were smart. However, these hacks are often not a function of budget, but rather of competence/incompetence.

For example, Twitter is definitely not under-budgeted, yet their horrendous (and dangerous) blue check-mark hack occurred due to a simple matter of social engineering.

I think there's a good chance money wasn't the difference maker here.