.png "back to home page")
Software and data supply chains are more important than ever to understand and verify #provenance https://t.co/ftkkfobkO9
— Paul Groth (@pgroth) January 3, 2021
After initially issuing a statement that dismissed reports that it had been hacked, Microsoft now admits that hackers breached its network and viewed (but didn't modify) its products' source code as part of the SolarWinds affair. https://t.co/33vKc3FnHe
— Eric Geller (@ericgeller) December 31, 2020
Microsoft Says Russian Hackers Viewed Some of Its Source Code. The hackers gained more access than the company previously revealed, though the attackers were unable to modify code or access emails. https://t.co/rY8fV7tRJ7
— Jesse Damiani (@JesseDamiani) December 31, 2020
My point over the last year, that centralized control and monitoring of IT infrastructure is a fundamentally flawed security philosophy has been given a substantial bit of weight by this hack. https://t.co/IggX6VtnAI
— Bryan William Jones (@BWJones) January 2, 2021
"This is looking much, much worse than I first feared."
— The New York Times (@nytimes) January 2, 2021
As U.S. officials learn more about Russia's cyberattack, the scale of the damage continues to grow. https://t.co/uDq77peY96
October 2019!!! It is becoming increasingly clear that missing this hack is one of the Trump Administration’s largest & most consequential failures. 2nd only to COVID mismanagement.
— Bianna Golodryga (@biannagolodryga) January 2, 2021
“The SolarWinds hacking, which began as early as October 2019,”https://t.co/PstJ9Vmt0m
Huge?
— Annie Jacobsen (@AnnieJacobsen) January 3, 2021
“Those questions have taken on particular urgency given that the breach was not detected by any of the government agencies that share responsibility for cyberdefense — [DoD, NSA, DHS] — but by a private cybersecurity company, FireEye.” https://t.co/B2ALdOg0DS
"American officials responsible for cybersecurity are now consumed by what they missed for 9 months: a hacking, now believed to have affected upward of 250 federal agencies, that Russia aimed not at the election but at the rest of the US government." https://t.co/3BWHChM1ZF
— Richard Stengel (@stengel) January 2, 2021
New: As US officials grapple w/ fallout from hack of government & private sector systems, questions are swirling about whether the agency tasked with protecting the nation from cyberattacks is up to the job.
— Zachary Cohen (@ZcohenCNN) January 2, 2021
First story of 2021 w/ @vmsalama & @b_fung https://t.co/WCYqT57W7t
This just shouldn’t happen:
— Bianna Golodryga (@biannagolodryga) January 2, 2021
“Some of the compromised SolarWinds software was engineered in Eastern Europe, and American investigators are now examining whether the incursion originated there, where Russian intelligence operatives are deeply rooted.”https://t.co/PstJ9Vmt0m
“SolarWinds moved much of its engineering to satellite offices in the Czech Republic, Poland, and Belarus, were engineers had broad access to the Orion network management software that Russia’s agents compromised.”
— Molly McKew (@MollyMcKew) January 2, 2021
Seriously, I can’t. https://t.co/H9taHvvYq2
Trump plans to issue three cyber-related "presidential determinations" soon, one of which transfers some authority from DoD to CISA, per new CNN story.
— Eric Geller (@ericgeller) January 2, 2021
Also in here: Trump appointees have been asking how SolarWinds intrusions could hurt him politically.https://t.co/vHisdf4EeR pic.twitter.com/1GrxgZnKIl
1/ When I pointed out supply chain weaknesses in the voting machine industry in 2019 I didn't have the software supply chain specifically in mind, but, yes, we had better start treating these technologies with the seriousness they deserve: https://t.co/bN4Q5B47Tp https://t.co/82gkqcHYiL
— Richard DeMillo (@rad_atl) January 2, 2021
Russia isn't just breaking into **250 federal government networks** for no reason.
— Grant Stern (@grantstern) January 3, 2021
This is INCREDIBLY DANGEROUS and Donald Trump isn't saying a word about it but installed cronies atop our NatSec institutions that are ignoring everything.https://t.co/BQ6KsBorWB
Time and time again, Moscow is able to take advantage when the US focus is elsewhere. The hack affected 250+ federal agencies and businesses was “aimed not at the election system but at the rest of the US government and many large American corporations.” https://t.co/x4Yr7222TQ
— Dr Alina Polyakova (@apolyakova) January 2, 2021
DUCK ME
— File411 (@File411) January 2, 2021
“breach is far broader than first believed...Russia sent its probes only into a few dozen of the 18,000 government and private networks..it now appears Russia exploited multiple layers of the supply chain to gain access to as many as 250 networks”https://t.co/OIPEUYNfvo pic.twitter.com/xZNZWrO0Pq
Very well-sourced and professional reporting by @SangerNYT, @nicoleperlroth, and @julianbarnes. Difficult to come up with the right metaphor or analogy, but fair to say that Russian spies have secretly been roaming through government offices since March.https://t.co/lTfXaz7D2v
— Michael Marquardt (@MarquardtGlobal) January 2, 2021
An American president who empathize with America's enemies presided over the biggest Russian hack in history https://t.co/lN5FONrJnt
— Anne Applebaum (@anneapplebaum) January 2, 2021
New: Microsoft says #SolarWinds hackers were able to access "a number of source code repositories."
— Raphael Satter (@razhael) December 31, 2020
However, the company adds that it "found no indications that our systems were used to attack others."https://t.co/INlfkBxoAk pic.twitter.com/kJwTxR2oKt
None of the SolarWinds customers contacted by The New York Times in recent weeks were aware they were reliant on software that was maintained in Eastern Europe. Many said they did not even know they were using SolarWinds software until the breach.
— Nicole Perlroth (@nicoleperlroth) January 2, 2021
New deep dive with @SangerNYT on the SolarWinds hack found its 5-6X broader than initially believed with ~250 victims (MSFT tallied 40 initially).
— Nicole Perlroth (@nicoleperlroth) January 2, 2021
-The backdoored Orion software was built/maintained in Eastern Europe.
-Concern another major vector used.https://t.co/Di6IICPWIN
Burn it all down. "Some security experts said that ridding so many sprawling federal agencies of the S.V.R. may be futile and that the only way forward may be to shut systems down and start anew" https://t.co/x2aoTEchND
— Shashank Joshi (@shashj) January 2, 2021
This cyberattack update is extremely alarming
— Olga Lautman (@OlgaNYC1211) January 2, 2021
The breach is far broader than first believed. It appears Russia exploited multiple layers of supply chain to gain access to as many as 250 networks.
Hackers managed their intrusion from servers inside US
https://t.co/JOFvW3Ev8G
Absolutely devastating. This was a cataclysmic failure of government from the top-down.
— Scott Stedman (@ScottMStedman) January 3, 2021
"it now appears Russia exploited multiple layers of the supply chain to gain access to as many as 250 [government] networks." https://t.co/aZdDNA88Ns
As Understanding of Russian Hacking Grows, So Does Alarm:
— Julia Davis (@JuliaDavisNews) January 2, 2021
Russia's hacking operation is "now believed to have affected upward of 250 federal agencies and businesses."
“The size of it keeps expanding. It’s clear the United States government missed it.”https://t.co/nOOHdJh33B
“SolarWinds moved much of its engineering to satellite offices in the Czech Republic, Poland, and Belarus, were engineers had broad access to the Orion network management software that Russia’s agents compromised.”
— Molly McKew (@MollyMcKew) January 2, 2021
Seriously, I can’t. https://t.co/H9taHvvYq2
The chaos Putin foments in our country: not bothering to fix the election for his puppet while invading more than 250 government agencies and businesses. Republicans are creating enough division about the election that happened in November. Meanwhile... https://t.co/1TGbSFWIyU
— Barbara Malmet (@B52Malmet) January 3, 2021
The US government was asleep at the switch: “As Understanding of Russian Hacking Grows, So Does Alarm” https://t.co/308UguLcff
— Mia Farrow (@MiaFarrow) January 3, 2021
Three weeks after its discovery, the Great Hack of the US govt. and corps. is generating more mysteries than answers. Was it espionage? Something more nefarious? And why is it’s scope broadening? W/ @nicoleperlroth & @julianbarnes https://t.co/DA0MYpT38m
— David Sanger (@SangerNYT) January 2, 2021
"SolarWinds moved much of its engineering to satellite offices in the Czech Republic, Poland and Belarus, where engineers had broad access to the Orion network management software that Russia’s agents compromised."
— Frederick Hirsch (@fjhirsch) January 2, 2021
outsourcing. see also cost savings.https://t.co/nVNVhQG9gR
?On Trump’s Watch, Russia Hacked America. Some of the compromised SolarWinds software was engineered in Eastern Europe, and investigators are examining whether the incursion originated there, where Russian intelligence operatives are deeply rooted. https://t.co/96k1R5Nyrq
— Venture Capital (@kelly2277) January 3, 2021
Remember this any time someone says the government should be run like a business https://t.co/ACHVtKRRLD pic.twitter.com/JwHaY55cXO
— Evan Hill (@evanchill) January 2, 2021
You’ll not be surprised to learn that the Solar Winds debacle originated in cost cutting shareholder value creation https://t.co/ZNdniEifVR pic.twitter.com/MKBWa9MTxp
— Jens van 't Klooster ??? (@jvtklooster) January 3, 2021
It's never good when your security is described as "tacked on." https://t.co/6UlxJGtpkK pic.twitter.com/s0P1TRPxyS
— Jeffrey Vagle (@jvagle) January 2, 2021
The new “more aggressive” US cyber strategy needs a lot more scrutiny after failing to deter, detect, or prevent the massive SolarWinds breach https://t.co/8U6P9IXvrM pic.twitter.com/UXVh2jrGEw
— brianweeden (@brianweeden) January 2, 2021
SolarWinds hack may have been much wider than first thought https://t.co/9xjmQxPS3Y #tech #feedly #CyberSecurity #CES2021
— Nicolas Babin #CES2021 (@Nicochan33) January 3, 2021
SolarWinds hack may have been much wider than first thought https://t.co/9cxP8kYb3u
— The Cyber Security Hub™ (@TheCyberSecHub) January 2, 2021
SolarWinds hack may have been much wider than first thought https://t.co/5kS6XlT8s2 #cybersecurity #infosec #natsec pic.twitter.com/N7IUCEwaFZ
— Reg Saddler (@zaibatsu) January 3, 2021
The sky was the limit...
— Datenschutz Bochum - Nicht ist unmöglich. (@Bo_Datenschutz) January 2, 2021
SolarWinds hack may have been much wider than first thought | Engadget https://t.co/hGfjk9MiiR
“This may go beyond reconnaissance. Their goal may be to put themselves in a position to have leverage over the new administration, like holding a gun to our head to deter us from acting to counter Putin," @SpauldingSez told NYT: https://t.co/IVcjqZJN55
— Nina Jankowicz (@wiczipedia) January 2, 2021
It's reportedly possible the hackers accessed Black Start, the detailed technical blueprints for the U.S. would restore power in case of a major blackout. If that was indeed the case, Russia would https://t.co/fkoBRZRJ2H
— ≡l≡v≡nth (@3L3V3NTH) January 2, 2021
Drama?
— Ian Northing (@Ianbins) January 3, 2021
U.S. officials are reportedly privately worried Russia stole blueprints for U.S. blackout restoration https://t.co/AFpcESMnCw
SON OF A...
— File411 (@File411) January 2, 2021
“...agency "pierced" classified systems and stole sensitive communications and plans during an alleged cyberattack on what may have hundreds of networks in the United States...”https://t.co/j2nKHrt8Kg
You don’t say. https://t.co/pyFYd0Q2Gm pic.twitter.com/UavsAAiqdg
— Sean O'Kane (@sokane1) January 3, 2021
Yahoo News: U.S. officials are reportedly privately worried Russia stole blueprints for U.S. blackout restoration.https://t.co/BTQlnYChDL
— Señor Baggins (@barrelrider684) January 3, 2021
via @GoogleNews
Controlling our power system has been a goal
— Justice4all (@JamesLindholm1) January 2, 2021
DONT BE SHRPRISED
U.S. officials are reportedly privately worried Russia stole blueprints for U.S. blackout restoration https://t.co/sNzXIAcWuF
Scope of Russian Hacking Far Exceeds Initial Fears. Not China @senrobportman Not CHina. https://t.co/4PzMZ3KLwr
— K. C. Boyd (@KCBoyd3) January 3, 2021
Following the recent Russian hack, officials are still trying to understand whether it was simply espionage or something more sinister, inserting “backdoor” access into gov agencies, major corps, the electric grid and labs developing new nuclear weapons.https://t.co/VFOzRX0Z9g
— Ariana Pekary (@arianapekary) January 3, 2021
The New York Times must be stopped. https://t.co/yXDronKm6I pic.twitter.com/99MZte6ono
— Eric Geller (@ericgeller) January 3, 2021
"[...] the S.V.R. gained access to the NetWitness Investigator tool that investigators use to uproot Russian back doors, manipulating it in such a way that the hackers continued to evade detection."
— Dino A. Dai Zovi (@dinodaizovi) January 3, 2021
Common thread of non-separated monitoring systems...https://t.co/gQ1LSclmmM
Nominating this piece by @nicoleperlroth, @SangerNYT and @julianbarnes as the most important and consequential of 2021 (so far.) https://t.co/H6UCG3xoK4
— Sue (a/k/a Dr.) Halpern (@suehalpernVT) January 3, 2021
Another legacy of Putin-Trump collusion alarmism?
— Max Abrahms (@MaxAbrahms) January 2, 2021
“The government’s emphasis on election defense, while critical in 2020, may have diverted resources and attention from long-brewing problems like protecting the ‘supply chain’ of software.” https://t.co/KkxujnT5Rk
Yeah this is real bad https://t.co/H47eCD8cLN
— Brian Floyd (@BrianMFloyd) January 3, 2021
The more we learn about this intrusion campaign, the worse it gets. https://t.co/lLG6KWnCXG pic.twitter.com/KTb994q0my
— Jason Sparks (@sparksjls) January 3, 2021
As Understanding of Russian Hacking Grows, So Does Alarm https://t.co/tfWrhB6g8z
— Trevor McKee Achilles (@MrTAchilles) January 3, 2021
Senate Republicans do their job? Fat chance. I'm wondering when Ron Johnson will resign as Chair of Homeland Security for chasing down non-existent voter fraud while the Russians hacked our agencies. https://t.co/BzZGrXClGv
— Ag Science Writer (@agsciencewriter) January 3, 2021
RUSSIAN HACK AFFECTED 250 GOVERNMENT AGENCIES
— Bombshell DAILY ? (@BombshellDAILY) January 3, 2021
Historically the most successful data breech in our history. Kremlin is delighted.https://t.co/DAzBZLN97p
The Russia-linked SolarWinds hack which targeted US government agencies and private corporations may be even worse than officials first realized, with some 250 federal agencies and business now believed affected: https://t.co/OfaVdCxEnS
— Adam Levin (@Adam_K_Levin) January 3, 2021
“[E]arly warning sensors that Cyber Command and the NSA placed inside foreign networks to detect potential attacks appear to have failed.” @verge
— Guy Snodgrass (@GuySnodgrass) January 3, 2021
Traditional deterrence measures fail when cyber attack is stronger than defense.https://t.co/NuT0Ay3KMu
? SolarWinds hack may be much worse than originally feared#SolarWindsHack #SolarWinds #CyberSecurity #Infosec https://t.co/BQaHTAh1oL
— Dr. ir Johannes Drooghaag (JD) ? (@DrJDrooghaag) January 3, 2021
SolarWinds hack may be much worse than originally feared.
— The Great War & Modern Memory (@ps9714) January 3, 2021
Some 250 government agencies and businesses may have been affected.https://t.co/xmPu184MRr
SolarWinds hack may be much worse than originally feared https://t.co/w4FPSHhFc3 via @Verge #CyberSecurity #hackers #infosec
— Evan Kirstel #RemoteWork (@EvanKirstel) January 3, 2021
??I'm shook... this is concerning.
— @tiffanydcross (@TiffanyDCross) January 3, 2021
As Understanding of Russian Hacking Grows, So Does Alarm https://t.co/ikheJ9QCTX
NYT - As Understanding of Russian Hacking Grows, So Does Alarm. Those behind the widespread intrusion into government and corporate networks exploited seams in U.S. defenses and gave away nothing to American monitoring of their systems. https://t.co/9jH8ZACma9 #Cybersecurity
— Carles Dijous (AAlb) (@carlesdijous) January 2, 2021
As Understanding of Russian Hacking Grows, So Does Alarm https://t.co/pQQhZ5geL7 #cybersecurity
— Mark Evans (@marktevans) January 2, 2021
As Understanding of Russian Hacking Grows, So Does Alarm - The New York Times https://t.co/JPK6cQU7KU #CyberSecurity pic.twitter.com/E9UOcH8rrt
— мaттιaѕ wacнтмeιѕтer (@mattiaswac) January 2, 2021
#Cybersecurity #InfoSec As Understanding of Russian Hacking Grows, So Does Alarm https://t.co/MCfqjNDfvc, see more https://t.co/89yi9eBYhl
— SritaK (@SritaKaren) January 2, 2021
As Understanding of Russian Hacking Grows, So Does Alarm https://t.co/wRzBjAnkqQ #cybersecurity
— Peter Blenkinsopp (@blenkinp) January 3, 2021
As Understanding of Russian Hacking Grows, So Does Alarm https://t.co/VpDthPTnMR #CyberSecurity #Auspol #LNPfail
— Ray Marx & Robyn Deane (@marxdeane) January 3, 2021
SolarWinds hack may have been much wider than first thought#cybersecurity #phishing #malware #Infosec#cyberthreats #ramsomware #hacking #databreach#dataprotection #privacy #dataleak #cyberattackshttps://t.co/hIMG8xHra4 pic.twitter.com/TzjUH25KPJ
— Paula Piccard ?? ?? (@Paula_Piccard) January 4, 2021
This is what happens when Trump appoints fools and swamp monsters to run government agencies. They're so busy spreading fake news and propaganda for Trump they are asleep at the switch and let Russia raid our government's national security secrets.https://t.co/MVOhXsXOXj
— John Oberlin (@OMGno2trump) January 3, 2021
U.S. officials are reportedly privately worried Senate Republicans let Russia steal blueprints for U.S. blackout restoration https://t.co/kmhViWwMr1
— De HQED (PhD) (@HQEDphd) January 3, 2021
SolarWinds hack may be much worse than originally feared #CyberSecurity #osint #cyberthreats #hackers #darkweb #databreaches #cybercrime #CyberSec #dataprivacy #italy #cyberintelligence #cyberattack #cybercriminals https://t.co/shaIWvoPmb
— Jiniba (@JinibaBD) January 3, 2021
SolarWinds hack may be much worse than originally feared https://t.co/cUpAyQ1G5X
— The Cyber Security Hub™ (@TheCyberSecHub) January 2, 2021
Russian SolarWinds hack may be much worse than originally feared. 250 businesses, organizations and governmental agencies hacked. https://t.co/LThL1NJkam via @Verge
— Trial Lawyer Richard (@TrialLawyerRich) January 4, 2021
SolarWinds hack may be much worse than originally feared https://t.co/wxd71t2rVa
— Only In Vegas ➐ (@OnlyInVegas702) January 3, 2021