The Cyberpandemic has Begun: SolarWinds + FireEye – Gmail & Google services down

[Tom Nolan + 2,441]

If you are unaware of the details behind Event 201 of October 18, 2019 with the World Economic Forum, Klaus Schwab, Bill Gates and other Elite players, then you will be way in the dark with the following report about the recent Cybersecurity compromises.  

Here is a link to a quick look at Event 201 of October 18, 2019 with the World Economic Forum, Klaus Schwab, Bill Gates and other Elite players.  https://community.oilprice.com/topic/21900-suggestion-about-the-noise-of-oil-and-gas-plant/#comment-140043

The WEF's proclaimed Cyberpandemic has begun: defense, power, water, finance, and our supply chain are all vulnerable to massive disruptions after FireEye & SolarWind have unleashed weapons of mass digital destruction AND unlocked the back doors of governments, militaries, and nearly the entire Fortune 500. Christian breaks it down, and asks: "Who stands to benefits from this Cyberpandemic?" in this Ice Age Farmer broadcast.

WEBSITE - https://www.iceagefarmer.com/2020/12/15/the-cyberpandemic-has-begun-solarwinds-fireeye-anything-can-happen-now/

(15 minute video)

 

[Tom Nolan + 2,441]

In the video above, Christian mentions his previous short video.  Here it is...

The World Economic Forum warns of a new crisis of "even more significant economic and social implications than COVID19." What threat could possibly be more impactful?

Christian breaks down the WEF's "Cyber Polygon" tabletop exercise, its participants, and predictive programming around a looming large scale cyberattack on critical infrastructure that would unleash a Dark Winter and help to usher in the Great Reset.

Jeremy Jurgens, WEF Managing Director ( https://youtu.be/5ZRg5kiH9Is 😞 "I believe that there will be another crisis. It will be more significant. It will be faster than what we've seen with COVID. The impact will be greater, and as a result the economic and social implications will be even more significant."

Klaus Schwab ( https://youtu.be/0DKRvS-C04o ) : "We all know, but still pay insufficient attention, to the frightening scenario of a comprehensive cyber attack could bring a complete halt to the power supply, transportation, hospital services, our society as a whole. The COVID-19 crisis would be seen in this respect as a small disturbance in comparison to a major cyberattack.

To use the COVID19 crisis as a timely opportunity to reflect on the lessons the cybersecurity community can draw and improve our unpreparedness for a potential cyber-pandemic."

(14 minutes)

 

 

[Rob Plant + 2,605]

Thanks Tom for posting this.

I'm not a big conspiracy theory fan but I do think a massive simultaneous cyber attack globally is arguably the biggest threat to our way of living. It could devastate nations and send the world into total chaos.

[Meredith Poor + 883]

Some of us remember the 'Trilateral Commission' conspiracy theories floating around in the 1970's. Then there's the Bilderberg Conference, stuff about Bill Clinton being the illegitimate son of a Rockefeller, Rothschilds, blah blah blah. Flying saucers and alien spacecraft in Area 51 and all that.

There are 300 million conspiracies to take over the world, and that's just in the United States.

[Tom Nolan + 2,441]

2 hours ago, Meredith Poor said:

Some of us remember the 'Trilateral Commission' conspiracy theories floating around in the 1970's. Then there's the Bilderberg Conference, stuff about Bill Clinton being the illegitimate son of a Rockefeller, Rothschilds, blah blah blah. Flying saucers and alien spacecraft in Area 51 and all that.

There are 300 million conspiracies to take over the world, and that's just in the United States.

Meredith, Don't mix rumor with valid events which are supported by documents.  You can't blend everything into a "conspiracy theorist" label as a means to discredit "in you face evidence".

I guess you did not do your research, nor watch the report.  These were mainstream news reports cited in the Ice Age Farmer video.  Didn't you see the news feeds how Google services went down the other day?  (gmail, YouTube, cloud documents)  Didn't you see all the different news stories about all the cyber events this past week?

Didn't you see the Event 201 at John Hopkins University?

Haven't you researched "The Great Reset"?

[Dan Warnick + 6,100]

47 minutes ago, Tom Nolan said:

Meredith, Don't mix rumor with valid events which are supported by documents.  You can't blend everything into a "conspiracy theorist" label as a means to discredit "in you face evidence".

I guess you did not do your research, nor watch the report.  These were mainstream news reports cited in the Ice Age Farmer video.  Didn't you see the news feeds how Google services went down the other day?  (gmail, YouTube, cloud documents)  Didn't you see all the different news stories about all the cyber events this past week?

Didn't you see the Event 201 at John Hopkins University?

Haven't you researched "The Great Reset"?

You've gotta watch the little baxxards.  Look around, see what happens when we don't?

[Tom Nolan + 2,441]

"Solarwinds123": Hacked IT Company Used Weak Password, While Backdoor Access Peddled On Underground Forums

Wednesday, Dec 16, 2020 - 10:00    by Tyler Durden

https://www.zerohedge.com/political/solarwinds123-hacked-it-company-used-weak-password-while-access-backdoors-peddled

Hacked Texas-based IT infrastructure provider SolarWinds was warned over weak password security last year, after security researcher Vinoth Kumar discovered that the company used "solarwinds123" to protect their update server.

"This could have been done by any attacker, easily," said Kumar, according to Reuters.

On Monday, SolarWinds confirmed that their flagship network management software, Orion, was the target of an international cyberespionage operation which the Washington Post pinned on government-backed Russian hackers - who inserted malicious code into Orion software updates and pushed it out to almost 18,000 customers. 

The malicious updates - sent between March and June, when America was hunkering down to weather the first wave of coronavirus infections - was “perfect timing for a perfect storm,” said Kim Peretti, who co-chairs Atlanta-based law firm Alston & Bird’s cybersecurity preparedness and response team.

Assessing the damage would be difficult, she said.

“We may not know the true impact for many months, if not more – if not ever,” she said. -Reuters

Included in the breach were the US Treasury, the Commerce Department's National Telecommunications and Information Administration (NTIA) and other government agencies.

Meanwhile, Reuters also reports that "multiple criminals have offered to sell access to SolarWinds’ computers through underground forums, according to two researchers who separately had access to those forums."

One of those offering claimed access over the Exploit forum in 2017 was known as “fxmsp” and is wanted by the FBI “for involvement in several high-profile incidents,” said Mark Arena, chief executive of cybercrime intelligence firm Intel471. Arena informed his company’s clients, which include U.S. law enforcement agencies. -Reuters

According to the report, neither the weak password or the stolen access are considered the most likely source of the current intrusion, however Kyle Hanslovan, the cofounder of Maryland-based cybersecurity company Huntress, noticed days after the SolarWinds hack that malicious updates were still available for download.

Dominion?

On Monday, screenshots began floating around of Dominion Voting Systems with a solarwinds logo below a login screen, implying that the 2020 US election may have been compromised by hackers, as opposed to on purpose as Trump and his allies have claimed.

TWEET LINK  - https://twitter.com/CodeMonkeyZ/status/1338431708496945157

Dominion Voting Systems uses SolarWinds products and it is still not powered down. Was Dominion Voting Systems a target? Was Dominion Voting Systems hacked?

https://dvsfileshare.dominionvoting.com/Web Client/Mobile/MLogin.htm

Cybersecurity and Infrastructure Security Agency

 

@CISAgov

JUST RELEASED: Emergency Directive 21-01 calls on all federal civilian agencies to review their networks for indicators of compromise and disconnect or power down SolarWinds Orion products immediately. Read more:

https://www.cisa.gov/news/2020/12/13/cisa-issues-emergency-directive-mitigate-compromise-solarwinds-orion-network

 

Journalist Kim Zetter, however, pointed out that while Dominion does or did use a SolarWinds product, it wasn't their Orion software which was compromised. 

The company's stock has fallen over 25% since Friday's price of $23.50, currently sitting below $18. The company announced on December 9 that CEO Kevin Thompson would be replaced after 11 years at the helm with Sudhakar Ramakrishna, the former CEO of Pulse Secure.

[Tom Nolan + 2,441]

SolarWinds Director Aurora Co-Invest L.P. Slp sold 2,079,823 shares in a transaction on Monday, December 7th. The shares were sold for a total value of over $45,000,000. A total of $189 million was sold by Insider Trading in Q3 of the year.

On December 14th, we knew...

SolarWinds CEO, CFO, and directors reportedly sold $15,000,000 worth of stock in November 2020.

[Ward Smith + 6,615]

42 minutes ago, Tom Nolan said:

The company's stock has fallen over 25% since Friday's price of $23.50, currently sitting below $18. The company announced on December 9 that CEO Kevin Thompson would be replaced after 11 years at the helm

That would be the same Kevin Thompson who just testified yesterday that Dominion did not use Solar Winds products. Under oath, which is what I posted in the other thread. He (or someone under him) quickly removed Solar Winds from the website, but not the source html code. After a break, they got a democrat to throw him a softball question and he was able to "clarify" that it wasn't Orion. In point of fact, the updates were the vector used to change the voting algorithm, also as discussed in the other thread. @Jay McKinsey hasn't been fed his new talking points yet, so is laying low. I already told him how it was done, but the brains haven't caught up to reality yet. 

Here's my prediction. This whole thing will be used as cover to claim Russia hacked the elections on behalf of Trump. Anyone with an IQ over room temperature knows that dog won't hunt, but they're not playing to the high IQ crowd and never were. That's why they've got the full throated support of the dimmest bulbs on this site. 

[Tom Nolan + 2,441]

1 minute ago, Ward Smith said:

That would be the same Kevin Thompson who just testified yesterday that Dominion did not use Solar Winds products. Under oath, which is what I posted in the other thread. He (or someone under him) quickly removed Solar Winds from the website, but not the source html code. After a break, they got a democrat to throw him a softball question and he was able to "clarify" that it wasn't Orion. In point of fact, the updates were the vector used to change the voting algorithm, also as discussed in the other thread. @Jay McKinsey hasn't been fed his new talking points yet, so is laying low. I already told him how it was done, but the brains haven't caught up to reality yet. 

Here's my prediction. This whole thing will be used as cover to claim Russia hacked the elections on behalf of Trump. Anyone with an IQ over room temperature knows that dog won't hunt, but they're not playing to the high IQ crowd and never were. That's why they've got the full throated support of the dimmest bulbs on this site. 

Excellent Ward!

Dominion deleted the reference and link to "SolarWinds" from their website, but we have the archive still. Now you see it... now you dont.

[Boat + 1,315]

3 hours ago, Tom Nolan said:

Meredith, Don't mix rumor with valid events which are supported by documents.  You can't blend everything into a "conspiracy theorist" label as a means to discredit "in you face evidence".

I guess you did not do your research, nor watch the report.  These were mainstream news reports cited in the Ice Age Farmer video.  Didn't you see the news feeds how Google services went down the other day?  (gmail, YouTube, cloud documents)  Didn't you see all the different news stories about all the cyber events this past week?

Didn't you see the Event 201 at John Hopkins University?

Haven't you researched "The Great Reset"?

We just had the great reset, Trump and his cult lost. Not muted mind you. Not quiet. So what is your prez doing about cyber? Seems very little. Putin doesn’t even make the “he’s not loyal” list.

Edited December 16, 2020 by Boat

[Meredith Poor + 883]

4 hours ago, Tom Nolan said:

Meredith, Don't mix rumor with valid events which are supported by documents.  You can't blend everything into a "conspiracy theorist" label as a means to discredit "in you face evidence".

I guess you did not do your research, nor watch the report.  These were mainstream news reports cited in the Ice Age Farmer video.  Didn't you see the news feeds how Google services went down the other day?  (gmail, YouTube, cloud documents)  Didn't you see all the different news stories about all the cyber events this past week?

Didn't you see the Event 201 at John Hopkins University?

Haven't you researched "The Great Reset"?

Some of us work in IT. Things break. Sometimes it's due to malicious behavior, sometimes it's due to neglect.

The IRS Taxpayer Master File is written in IBM 360 Assembler. It's now 55+ years old. One of these decades, the IRS might upgrade it to a current platform, perhaps before the 2050 climate catastrophe. On the other hand, they might wait to see whether that plays out.

Someone that simply flogs 'they're all out to get us' non-stop, day in, day out must not have anything useful to do. Get a job. If you're working for the Russkies, defecting is always an option.

[Jay McKinsey + 1,489]

4 hours ago, Ward Smith said:

That would be the same Kevin Thompson who just testified yesterday that Dominion did not use Solar Winds products. Under oath, which is what I posted in the other thread. He (or someone under him) quickly removed Solar Winds from the website, but not the source html code. After a break, they got a democrat to throw him a softball question and he was able to "clarify" that it wasn't Orion. In point of fact, the updates were the vector used to change the voting algorithm, also as discussed in the other thread. @Jay McKinsey hasn't been fed his new talking points yet, so is laying low. I already told him how it was done, but the brains haven't caught up to reality yet. 

Here's my prediction. This whole thing will be used as cover to claim Russia hacked the elections on behalf of Trump. Anyone with an IQ over room temperature knows that dog won't hunt, but they're not playing to the high IQ crowd and never were. That's why they've got the full throated support of the dimmest bulbs on this site. 

There isn't enough time in the day to address all the silly things you say.

[Tom Nolan + 2,441]

3 hours ago, Boat said:

We just had the great reset, Trump and his cult lost. Not muted mind you. Not quiet. So what is your prez doing about cyber? Seems very little. Putin doesn’t even make the “he’s not loyal” list.

It sounds like you have no clue about "The Great Reset" nor Event 201.   You are in real trouble with that lack of awareness.

[Tom Nolan + 2,441]

36 minutes ago, Jay McKinsey said:

There isn't enough time in the day to address all the silly things you say.

Stay ignorant about what is going on.  You deserve the consequences.

[Tom Nolan + 2,441]

When "Smart" Homes Turn Stupid: Google Users Literally "Left In The Dark" During Monday Outage

by Tyler Durden

Wednesday, Dec 16, 2020 - 16:42

https://www.zerohedge.com/technology/when-smart-homes-turn-stupid-google-users-literally-left-dark-during-monday-outage

By now, Monday's massive Google outage is history for most people. While it was a minor inconvenience for some, with most Google services being down for hours on end, it was a much larger pain in the electronic ass for the tragically hip who have surrendered their "smart" homes to Google.

In fact, of the services that went down, it was Google Home users who were literally left in the dark during the outage on Monday, RT notes. As a result, "smart home" users were complaining about not being able to perform once-simple tasks at their homes - like turning on the lights. 

“I’m sitting here in the dark in my toddler’s room because the light is controlled by @Google Drive Home. Rethinking... a lot right now,” one Twitter user tweeted in the midst of the "blackout". Another user from the U.K. said that connecting his lights to Google Home now “feels like a fatal error.”

ABC News producer Erwin Renaldi quipped: “Thanks Google, now I can’t turn my bedroom light on.”

The outage on Monday morning lasted "less than an hour". But quickly, social media was flooded with Tweets that looked like these:

is there somethinh wrong with google home? my house suddenly become stupid

Same, all my google related things went brrrrr

All of Google is down. I was sending a resume via Google Drive, didn't work. Tried Google Docs, didn't work. Searched for your vids to calm me down on YT, didn't work.

i can't open youtube

OH DAMNNIT. I was watching others struggling with the work disruption unaffected because I'm on Microsoft 365. Only to realize I couldn't turn on the light because my smart home runs on Google Assistant.

Google Nest

@googlenest

Hey there, we stumbled onto your tweet. We are aware of an outage that affected our customers earlier today, and we are truly sorry for any inconvenience. Functionality has been restored, but if you are still experiencing a problem, we're here to help.

Recall, back in August, we wrote about why "smart homes" may not be all they're cracked up to be. We highlighted over the summer that police would routinely request access to people's "smart speakers" during the course of investigations. 

Amazon said this summer it had received more than 3,000 requests for smart speaker user data from police earlier this year, according to an article from Wired. Even more stunning, Amazon complied with the police's requests on more than 2,000 occasions, forking over recordings and data that give law enforcement an ear into someone's household. 

This number marked a 72% increase in these types of requests from the same period in 2016 - the first time Amazon disclosed the data. The number of requests are up 24% year over year. 

Douglas Orr, head of the criminal justice department at the University of North Georgia, told Wired that police look for this smart home data "as routinely as data from smartphones". Police can continue to collect data if one electronic device (like a phone) leads them to another (like a smart home speaker) simply by amending search warrants, he said. 

Google's Nest unit has also seen a similar spike in police demands for data from its smart speakers. The company's annual transparency report shows consistently rising numbers for police requests for data.

[0R0 + 6,251]

9 hours ago, Meredith Poor said:

Some of us work in IT. Things break. Sometimes it's due to malicious behavior, sometimes it's due to neglect.

The IRS Taxpayer Master File is written in IBM 360 Assembler. It's now 55+ years old. One of these decades, the IRS might upgrade it to a current platform, perhaps before the 20to 50 climate catastrophe. On the other hand, they might wait to see whether that plays out.

Someone that simply flogs 'they're all out to get us' non-stop, day in, day out must not have anything useful to do. Get a job. If you're working for the Russkies, defecting is always an option.

They are out to get us. Russians less likely to be so since they are sitting on mountains of energy resources that the WEF kooks are aiming to make worthless. The Chinese and their capital and industrial partners are definitely what makes up WEF. The threats are constant, the Chinese don't hide their aims and surreptitious methods. They intend to do exactly the kind of things the WEF is warning about, because they are of one mind with China. You need to have missed 30 years of mounting corruption and influence buying by China and their racist Marxist brown shirt foot soldiers on the street and progressive fellow travelers in the Dem party, or mercenary interests in the Reps.

You need to spend a few weeks in conspiracy sites and compare your notes to MSM narratives.

[Meredith Poor + 883]

37 minutes ago, 0R0 said:

You need to spend a few weeks in conspiracy sites and compare your notes to MSM narratives.

I don't even know what MSM narratives are, much less comparing my notes to them.

First of all, I believe that the Russians are hacking into western IT infrastructure. I believe that China and Iran are messing with it as well, although everyone has their own objectives. The Russian concerns are fairly prosaic:

1. What is the Trump Administration doing on it's way out the door? How is that going to affect Russian interests?
2. What is the Biden team thinking? Again, how is that going to affect Russian interests? Since Russia gets a lot of it's money from oil and gas, having a US administration that is hostile to fossil fuels is a problem. Some of the question is most likely 'how quickly is the US government going to act, and how thoroughly?'
3. One other scenario is that there is a 'window' due to executive branch distraction. When people have their mind on other things, they leave their guard down. This might be an opportunity for finalizing the training of new people in the Russian intelligence services.
4. The US, along with the EU, have a sanctions regime against Russia. The Russians are most likely concerned these will get even stricter under a Biden administration, particularly if Congress has just passed legislation regarding NordStream 2.

A lot of this is probably focused on 'reading someone's mind' rather than causing much damage. The follow-on problem, needless to say, is that Russia might be good at breaking into computers, but it may not be all that good at making sense out of what it finds. Some of the MSM reports indicate that the backdoors have been installed, but most of them haven't been accessed. When this is tens of thousands of sites, it's likely that most of them have been ignored.

It might be possible for China to piggyback on the vulnerabilities the Russians have left in place, if they haven't installed their own. Again, in the short term, this may be more to look than to touch.

Iran is probably in the mood to break something. In terms of short term harm, this is likely to be the actor we have to watch out for.

[Tom Nolan + 2,441]

Some folks may not believe me, but I will say it anyway...

My nephew is a White Hat Hacker who leads a team.  In fact, his team won the top award at one of the Vegas "hacking" conferences a year or two ago.  He once hacked into the power grid for Canada.  One day, he sat in a bank parking lot with a laptop and hacked into their system.  He has all kinds of classified clearances.  I could tell other stories.  The guy is well aware of what is going down and what has occurred in the past.  He knows about the 9/11 cover-up and he knows about The Great Reset and the NSA & Google spying / collection of information on everyone.  He is a regular family man with kids, but he often makes a quip when we chat in person:  "We are doomed" which is a polite way of saying "We're fucked.".

[Tom Nolan + 2,441]

60 second video by Klaus Scwab

 

By the way, the grayscale and focus angles of the video are from his outfit (The World Economic Forum), not IceAgeFarmer.

Edited December 17, 2020 by Tom Nolan

[ronwagn + 6,290]

Neither President Trump or any other president knows how to code or hack or whatever is involved. We spend more money on our security agencies than anyone else except possibly China. Any fault falls on them and they have spent most of their energy trying to get rid of Trump since before he was elected. You have Clapper, Brennan, Comey and company to blame for all this. 

During the Obama Administration many large hacks took place. Nobody blamed him, that I can recall. In fact 30, million government employees lost online records. In fact I was one of them because I am a veteran. 

Unfortunately we are living under the control of the Deep State, Crony Capitalists, and Left Wingers. They have no scruples whatsoever and are the real enemies in our midst. 

Edited December 18, 2020 by ronwagn

[Tom Nolan + 2,441]

US Nuclear Weapons Agency Breached As Part Of Massive Cyberattack: Report

by Tyler Durden

Thursday, Dec 17, 2020 - 15:39

https://www.zerohedge.com/geopolitical/us-nuclear-weapons-agency-breached-part-massive-cyberattack

The Department of Energy and National Nuclear Security Administration - which maintains the United States' nuclear weapons stockpile - was reportedly breached as part of a massive hack which affected at least six federal agencies, according to Politico, citing officials directly familiar with the matter.

On Thursday, DOE and NNSA officials began coordinating notifications about the breach to their congressional oversight bodies. They found suspicious activity in networks belonging to the Federal Energy Regulatory Commission (FERC), Sandia and Los Alamos national laboratories in New Mexico and Washington, the Office of Secure Transportation and the Richland Field Office of the DOE. The hackers have been able to do more damage at FERC than at the other agencies, the officials said, but did not elaborate. -Politico

According to the report, federal investigators have been assessing networks in recent days to try and get a handle on exactly what was accessed and/or stolen. DOE officials still don't know if anything was actually accessed.

The hack was reported over the weekend - and  conducted by Russian-backed hackers, according to the Washington Post - after Texas-based IT infrastructure provider SolarWinds' Orion Network Management products used across several industries and government applications, was breached earlier in the year.

"The compromise of SolarWinds' Orion Network Management Products poses unacceptable risks to the security of federal networks," said US Cybersecurity and Infrastructure Security Agency (CISA) acting director, Brandon Wales. The agency has issued an emergency directive to federal and civilian agencies to review their networks for suspicious activity and to disconnect or power down SolarWinds Orion products immediately, according to TheHackerNews.

SolarWinds' networking and security products are used by more than 300,000 customers worldwide, including Fortune 500 companies, government agencies, and education institutions.

It also serves several major US telecommunications companies, all five branches of the US Military, and other prominent government organizations such as the Pentagon, State Department, NASA, National Security Agency (NSA), Postal Service, NOAA, Department of Justice, and the Office of the President of the United States.

FireEye, which is tracking the ongoing intrusion campaign under the moniker "UNC2452," said the supply chain attack takes advantage of trojanized SolarWinds Orion business software updates in order to distribute a backdoor called SUNBURST.

"This campaign may have begun as early as Spring 2020 and is currently ongoing," FireEye said in a Sunday analysis. "Post compromise activity following this supply chain compromise has included lateral movement and data theft. The campaign is the work of a highly skilled actor and the operation was conducted with significant operational security." -TheHackerNews

Trump will undoubtedly be pressured to sanction Russia, lest he be accused of further Putin puppetry.

[Tom Nolan + 2,441]

30 Second Warning from The World Economic Forum  (remember their novel-coronavirus pandemic & world lockdown warning of October 18, 2019 in Event 201)  (See above on this Thread for Event 201...their video)

 

 

 

[0R0 + 6,251]

On 12/17/2020 at 2:25 AM, Meredith Poor said:

I don't even know what MSM narratives are, much less comparing my notes to them.

First of all, I believe that the Russians are hacking into western IT infrastructure. I believe that China and Iran are messing with it as well, although everyone has their own objectives. The Russian concerns are fairly prosaic:

1. What is the Trump Administration doing on it's way out the door? How is that going to affect Russian interests?
2. What is the Biden team thinking? Again, how is that going to affect Russian interests? Since Russia gets a lot of it's money from oil and gas, having a US administration that is hostile to fossil fuels is a problem. Some of the question is most likely 'how quickly is the US government going to act, and how thoroughly?'
3. One other scenario is that there is a 'window' due to executive branch distraction. When people have their mind on other things, they leave their guard down. This might be an opportunity for finalizing the training of new people in the Russian intelligence services.
4. The US, along with the EU, have a sanctions regime against Russia. The Russians are most likely concerned these will get even stricter under a Biden administration, particularly if Congress has just passed legislation regarding NordStream 2.

A lot of this is probably focused on 'reading someone's mind' rather than causing much damage. The follow-on problem, needless to say, is that Russia might be good at breaking into computers, but it may not be all that good at making sense out of what it finds. Some of the MSM reports indicate that the backdoors have been installed, but most of them haven't been accessed. When this is tens of thousands of sites, it's likely that most of them have been ignored.

It might be possible for China to piggyback on the vulnerabilities the Russians have left in place, if they haven't installed their own. Again, in the short term, this may be more to look than to touch.

Iran is probably in the mood to break something. In terms of short term harm, this is likely to be the actor we have to watch out for.

No time to give  a broader response, but just to address the potential damage issue, the Russian's have the expertise, Chinese have the bandwidth to burrow into the holes Russia punched through. Russians are just too few to go beyond break ins. But the backdoors were already on sale on the dark web hacker trading forums IIRC since June, so beyond that time it is anyone's guess as to who got in and sniffed around for one morsel or another of info. The outright sniffing expedition that led to discoveries of the attacks on the various govt. networks follow the path of the DNI assessment of foreign interference and fraud in the elections, to its distribution nodes at Treasury, Defense, White House, Commerce etc. All of the distribution list for it.

The most interested party would be China, which is quite capable of doing this on their own, or with the help of any of the many US based cyber security companies where they have their CCP members and spies embedded. And of course, they have a strategic partnership with Russia.

Iran has been in a hot cyberwar with Israel for quite a while now, we shall see what they manage to do there. If Israel continues to come out well, then the US can too, as that is where much of the heavy duty security software is developed.

 

[0R0 + 6,251]

22 hours ago, Tom Nolan said:

"The compromise of SolarWinds' Orion Network Management Products poses unacceptable risks to the security of federal networks," said US Cybersecurity and Infrastructure Security Agency (CISA) acting director, Brandon Wales. The agency has issued an emergency directive to federal and civilian agencies to review their networks for suspicious activity and to disconnect or power down SolarWinds Orion products immediately, according to TheHackerNews.

It seems that firing Krebs out of CISA was a very good decision, as this trojan was worming its way throughout the US govt. departments which CISA was charged with protecting. I guess Krebs was also providing "the most secure networks in the history of the country" just as he had "perfectly secured" the elections.

He is obviously either incompetent of a Chinese/Russian spy.