SolarWinds maintainers blame intern for ‘solarwinds123’ password



Photo: Kirill Kudryavtsev / AFP via Getty Images

The SolarWinds drama won’t stop. It’s a story of Russian hackers, and potentially Chinese hackers, allegedly spying on email, and of a gaping set of security vulnerabilities that seems to get worse as more details come to light. Now we can add yet another twist to the story: the laughably insecure password “solarwinds123”. As for that password, SolarWinds would like you to know that it was the intern’s fault.

At a joint hearing Friday, former SolarWinds CEO Kevin Thompson told representatives of the House Oversight and Homeland Security Committees that the password “solarwinds123”, which protected a company server, was “related to an error made by an intern and violated our password policies”. Thompson explained to lawmakers that the intern had posted the password to their own private GitHub account.

“As soon as it was identified and brought to the attention of my security team, they removed it,” Thompson said.

The password security issue dates back to at least 2018, although testimony provided by SolarWinds on Friday indicates it could go back even further. In December, security researcher Vinoth Kumar told Reuters that he had warned SolarWinds that anyone could access its update server using “solarwinds123”. CNN reported that the password had been accessible online since at least June 2018.

However, during the hearing, Sudhakar Ramakrishna, current CEO of SolarWinds, told lawmakers that the password “solarwinds123” was used on one of the intern’s servers in 2017.

According to CNN, Kumar showed SolarWinds that the password allowed him to log in and upload files to the company’s server. It was a way for any hacker to upload malware to SolarWinds, the researcher said.

“I have a stronger password than ‘solarwinds123’ to prevent my kids from watching too much YouTube on their iPad,” Representative Katie Porter, Democrat of California, told SolarWinds officials at the hearing.

At this point, however, it’s still unclear whether the password leak played a role in the SolarWinds hack, which is believed to be the biggest foreign intrusion campaign in the history of the United States, CNN noted. This month, White House National Security Advisor Anne Neuberger said about 100 different companies and nine federal agencies, including the one overseeing the country’s nuclear weapons, had been compromised by foreign hackers.

The government is currently investigating the hack, and it is still not clear what data the hackers might have had access to. The investigation is expected to last several months. Kevin Mandia, CEO of FireEye, the cybersecurity company that discovered the hack, said we may never know the scope of the attack.

“Bottom line: we may never know the full range and extent of the damage, and we may never know the full range and extent of how stolen information benefits an adversary,” Mandia said.

Nonetheless, we do know of one of the causes of the attack: a poor anonymous intern that SolarWinds threw under the bus.
