It's a network monitoring and configuration application. A typical set up is you have a server that polls network devices looking for their status. Other configurations have Solarwinds managing those devices. Our H1B friends who manage these for the government decided to open their Solarwinds consoles to the open internet. Why? Because typing in a six digit from a keyfob requires extra work. Can't have that. When it was discovered the bad guys got into Solarwinds and inject their raw source code BACK IN 2018. So when patches were compiled and sent out, backdoors got installed. Once that happened the attackers had access for at least 20 months. Oh...and Solarwinds was just as stupid. All of their code repositories had the password "solarwinds123". I truly wish I was making this up.
That sort of makes sense. Half of what you said seems to fundamentally misunderstand terminology, but I have a vague picture of what you mean.
I wonder if Solarwinds actually provides VPNs? I'm not sure how monitoring equipment would be able to compromise anyone. It's possible, I guess, if it had the credentials for privileged access to what it was monitoring.
Although, that would be a separate issue, I guess.
It's complete failure, with 100% being Solarwinds for weak security controls on their code and the government for having incompetent personnel managing their deployment. This was completely and totally preventable. But just like after 9/11, the people who let it happen got raises and promotions. No doubt the same will happen here.
Fuck man. We've gotten primary everyone and storm the local politics. Never give up. Never surrender. All that buzzlightyear bullshit.
(post is archived)