Breaking: State disconnects SolarWinds software, same as attacked by Russians

23

The State Security Office has been notified by the Cybersecurity and Infrastructure Security Agency (CISA) that some versions of a system monitoring software the state uses is being exploited by “malicious actors.”

Those malicious actors are believed to be Russian spies, or foreign intelligence workers, as they are being called. SolarWinds Orion products have been attacked by Russian hackers all over the United States.

On Monday, all State of Alaska departments that have SolarWinds Orion products, versions 2019.4 through 2020.2.1 HF1, on their network were instructed to immediately disconnect or power down the products from their networks.

The State Security Office said that until it gets the Windows operating system rebuilt and reinstalls the patched SolarWinds software, departments are prohibited from rejoining the Windows host operating system to the “enterprise domain.”

Additionally, information technology officers in the State of Alaska have been instructed to block all traffic to and from hosts, external to the enterprise, where any version of the SolarWinds Orion software has been installed.

On Sunday, CISA issued Emergency Directive 21-01 that calls on all federal civilian agencies to review their networks for signs of compromise and disconnect or power down SolarWinds Orion products immediately.  

“The compromise of SolarWinds’ Orion Network Management Products poses unacceptable risks to the security of federal networks,” said CISA Acting Director Brandon Wales. “Tonight’s directive is intended to mitigate potential compromises within federal civilian networks, and we urge all our partners—in the public and private sectors—to assess their exposure to this compromise and to secure their networks against any exploitation.”  

Since at least March, Russian hackers have inserted malicious updates into IT management platforms, hitting the U.S. Departments of Commerce, Treasury, and Homeland Security, as well as a security firm called FireEye.

SolarWinds has hundreds of thousands of clients. On Monday, the company told the Security and Exchange Commission that at least 18,000 were potentially attacked.

Both FireEye and Microsoft have accounts of what the threat entails. It appears that is so vast that no one really knows the extent of it.

Attackers used Orion software as a door into computer systems, where they were able to steal administrative tokens, and then go in and out of the system with data.

The attacks were first reported by Reuters on Sunday.

SolarWinds said in a statement that hackers had managed to alter the versions Orion, a network monitoring tool, that were released in March and June.

“We have been advised this attack was likely conducted by an outside nation state and intended to be a narrow, extremely targeted, and manually executed attack, as opposed to a broad, system-wide attack,” SolarWinds wrote.

23 COMMENTS

    • Yes, Jeremy. This is the software used by Dominion Voting Systems just like the ones used here in Alaska. This is why this election was a farce and completely rigged! I do not believe it is Russia because that is what all the Democrats are currently saying in unison, timing very suspect. My money is on China using this software to manipulate our election. This entire election should be tossed and all Dominion Machines impounded by the Feds!

  1. How do we know it’s not Chinese hackers looking like Russians? More details would be nice on that. It’s become clear that China has no qualms about acting this way, and yet, we always hear it’s the Russians. What has China gotten, I have to wonder.

  2. Ok great now lets have a forensic audit of the DOMINION machines just to make sure all was done proper. I was made to use a sharpie pen to fill my ballot. It is now clear that that tactic was used to spoil ballots and have them adjudicated by a individual who could decide for me who I voted for. Please you “hair on fire” low information people save your comments and denials for ADN .

    ⚠️ This comment has been flagged as the absolute truth

  3. Dominion Voting Systems deleted SolarWinds reference from their website
    Insider Paper’s Photo
    by Insider Paper
    Tuesday, Dec 15, 2020 – 18:10

    The Dominion Voting Systems website has removed the link and reference for SolarWinds from their platform. It seems that the Dominion Voting Machines are trying to hide their relationship with SolarWinds. SolarWinds has been the center of conspiracy since the past few days after the big hack. The Dominion Voting Systems are being criticized for using a technology firm that was hacked. These voting systems assist voting in 28 states, therefore being attached to a technology firm that was hacked is not good for its name.

  4. March….1, 2, 3,..5,….8 months. Good thing we caught that one quickly, before there was time for anything to happen.

  5. Dominion switching many votes at a time, shutting down when the loads are going the wrong way. Then manually over-riden when necessary to make sure the deep state wins and the little guy loses. Time to check all of the Dominion systems and servers before they wipe them.

  6. Perhaps it’s time to examine the possibility of an “inside” job-like a domestic terrorist that could alter voting machines or even health statistics,you know-anything that might keep the general public in panic

  7. It’s by this Friday that the NDI must file his report on the security of the election, 45 days after the election. I wonder what they have uncovered

    .

    Can’t wait to see any possible disclosures. I think some “Republicans” are going to get caught having some unhappy endings.

  8. How convenient! The “Russians ” hacked us again & the story breaks the same day that Australian news media breaks a story about a leaked Communist China intelligence document that lists hundreds of thousands of Chinese Communist Party assets that have infiltrated to the highest levels multinational corporations, academia & government positions. At the same time that a Michigan audit of Dominion Voting machines reveals a 68% error rate. Look, look over there! Nothing to see here!

  9. In 2013 I went to my credit union ATM to draw out a hundred bucks. Lo and behold there was over 983 thousand bucks in my debit card account.
    I went down to the head office and told them that I didn’t appreciate them laundering money through my account. If money is flushed through enough accounts, quickly enough, it magically “disappears”.
    Anyone else find large sums in your accounts, which disappeared within minutes? I believe it happens mostly when we should be home, asleep in bed.
    I do all my banking in person, not electronically. I drive 9 miles to my credit union, and don’t begrudge the gallon or so of gas it took. The latest hack notification was a nothing burger to me because it involved online banking.
    I also never use social media, nor let my not so smart phone on the net. There’s no “hello google” going on with my phone.
    The worst I do is toss in my2cents, and annoy some people, in a limited number of news media comment sections.

Comments are closed.