It may be a mere coincidence that the initial breach occurred about the same time as COVID lockdowns, but the fact that millions are now doing work from home and accessing "secure networks" away from the workplace means access to all this information, whether corporate or governmental, is highly vulnerable -- if not by hackers from a distant place, but from "employees" that can monetize valuable information from the comfort and safety of one's own home.
It's 100% Solarwinds fault! Not having enough cyber sercurity and network protections in today's digital age is like walking the streets of crime infested neighborhood with all your money and valuables dangling from your pockets, while your walking down the street blindfolded.
Because Solar wind is using dual use technology - the US government could have banned Solarwind services and products from USA government computer once the security compromise was detected , e.g. Huawei 5G network servers are a good example of dual use tech that is banned in USA computer systems, Hence, if solarwinds was given the same level of scrutiny as Hauwei then Solar wind technology would have been banned in the USA for not protecting its technology from possible security/defense breaches. However, the cows have left the barn -- so closing the barn doors is not going to help. I am sure the SVR guys are laughing their heads off right about now...
@@77Treasurehunter77 ... Nice. Blame the Victim. And a stupid analogy. The days of EVERYone just leaving their networks and systems wide open are long over. This is a software company. You don't think they are CONSTANTLY on the lookout for unauthorized intrusions??? The nation/state Hackers, including us, are always looking for ways "IN" to gather intelligence, steal proprietary information, or worst case.... set up the capability to damage or destroy critical infrastructure. If you discover, stop, and announce one "infection"... that player goes back to figuring out how to do it better next time !! It really IS a WAR out there right now.
Whats wrong with eastern europe? And what did Solarwind do wrong exactly? Just about anything connected to the internet can be hacked. Its when, not if.
I...along with MANY others have not! This is a huge story however MSM needs you to believe that all is well so you'll have that warm comfy feeling.....but the election was the most secure election ever!!🤨
I didn't, I think they're planning a big one, the elites are, not Russia they'll blame it on who ever fits the narrative. Iran so we can finish the Pnac? A white surpremist? Oh we'll see what the next plan is! The WHO Did a simulation of a cyber attack just like they did for Pandemic, event 201 so they got something brewing! Website is not showing it anymore, page can't be found Hmmmm r.search.yahoo.com/_ylt=AwrJ61MxGgxg09QAZQ5x.9w4;_ylu=Y29sbwNiZjEEcG9zAzUEdnRpZAMEc2VjA3Ny/RV=2/RE=1611434673/RO=10/RU=https%3a%2f%2fwww.who.int%2frisk-communication%2fsimulation-exercises%2fen%2f/RK=2/RS=BAd7RhcV6Ul7jRXXt.QKVo4lIco-
Another RussiArmageddon.... I work in IT, and I know how careless many of my colleges are regarding cybersecurity. From my perspective this huge cyberhack is not something shocking .
True, it seems like every company has to learn it on their own.... which is ridiculous but it seems like no one is looking to learn from the mistakes of others. I know companies who've been hit multiple times in a year and were still slow to pivot their security.
Security for what? Comparing security for a laptop in bro Bob's basement to security against an attack by a nation state on a multi-billion dollar corporation doesn't make a lick of sense.
@@PristinePerceptions whats your point an update caused the hack of Goverments how much more me a civilian who knows nothing they'll probably be watching me right now
Thats an overly simplistic and misguided way of looking at software updates. You can trust that the developer means well. It is foolish to trust that they don't make mistakes or inadvertently introduced a security flaw however.
It's because we make it so easy in some cases. Hillary for one and her unsecured servers and people like Adam Schiff and others on the left intel committees are open to blackmail.
Any hacker can break into a government system. A good hacker will never let you know they were there. A great hacker will make it look like their enemy did it.
They could have destroyed all of the hardware connected to this networks but that would have been to much destructive even for Putin, the internet network is beyond american borders and the backlash would have been global, what they wanted was information.
@@brunopimenta8204 information is a weapon now. Death by a thousand cuts. But you are right that everything is connected, so any disruption or attacks are going to backlash globally.
Right? by far that sentence is the closest to the truth and reality that US government is in bed with corporations. Not that we didn’t know that already.
Its cool the way media still depicts hacking like the 90s movie "Hackers". Fast typing, green letters on backgrounds, lots of colons, when in reality hacking is more like scamming. But I guess its not as exciting to show people on the phone with customer service call centers.
@@doomtomb3 Scamming requires coding. Phising, for example, requires a fake landing page which of course needs web design and coding. Brute force is also not manual input, it's a software algorithm doing the brute force. Keylogging needs access to target computer using other methods, but the keylogger itself is a software. Social engineering is the only one not requiring coding ability. So you're absolutely wrong.
The problems is thus people. 1. The US companies cyber security is the weak link in the chain. 2. Most companies have invested little to nothing in terms of cyber security. 3. Companies really rely on Microsoft and Apple fixing pieces of the problem for them. Which isn't a lot and both companies have problems of their own in terms of cyber security. Amazon is obviously joining the mix with AWS. US companies need to be held liable for investing more into cyber security and personnel within their own company and not rely on Microsoft, Apple, and now Amazon to fix all the problems for them. CEO's seem to have very little grasp at how the network within their own companies work. Companies think cause they have iOS or Windows and passwords that they are fine, but that's like locking the front door and then leaving all the other doors and windows unattended in your house. There are always other avenues of entry! In this case the infected pipeline of the supplier Solarwinds that feeds to the other customers who probably don't have checks of the info coming through the pipeline from their IT vendor. It has little to nothing to do with the US government. It's a mindset fail of everyone in and out of government.
The thing is the government let's these companies do whatever they want. It's a lack of good technology policy and corporations losing somewhat of an edge in their own technological fields.
*It's unfair on how things has turned up to be due to the recent world pandemic things has been so difficult* *we see complains here and there in the social Media from different people in different countries all around the world* *The government has less or no time for their people anymore* *I think we all should try to engage in different things to make money and stop hoping on the economy*
Yes ! For real It is very important to have different streams of income and a diversified portfolio as for me I have already invested in crypto which is very profitable and easy to gain
I agree. I was co owner of a big janitorial company. We cleaned many post offices, many banks, many clinics, a cpl of schools, and the biggest utility company in Central Texas. The Perdenales Electric Company. I had access to every computer. And if we had Electronic Voting Machines in the 90s. I could of had access to those too. I knew where every camera and digital recording devices were. Then 9/11 happened and almost every one of our contracts. Went to government ran janitorial contractors. We lost almost every contract to government contractors.
@thatguy 00 they said in the video that the way they found virus is because the virus was requiring everybody to update their two factor authentication and one person didn’t which then notified fireeye that the update, which was a fake update by virus, didn’t happen. So yes two factor authentication was hacked in this instance and did not work.
after the CCP invested $600 million into Dominion and used as payments to SolarWinds for use of its software in the 2020 elections, their not hurting for money.
@@77Treasurehunter77 The joke flew by you very fast?! He could very well mean that the Space Force is a waste and other things need much more attention, like reinforcing the cyber defence.
@@dimitris.p.kepenos pretty much.... In my view, there are more than just binary choices. Funny how expressing a questioning of policy priorities turns into allegiance questions and casting doubts using tangential subject matters that are anecdotally related at best
@@minocs no they can not, hackers have their very own programs to fight other hackers. Developers that build dont count with some special "tools" that hackers have.
Please research and report on the rumblings that there are approx 250 000 CHINESE MILITARY TROOPS on the Canadian and Mexican borders!!! Why would they possibly be at the freaking gate? And who plans to let them in?
It looks so odd that all these tech giants fell for such hack, how come Microsoft, Apple, Google doesn't prepare their cyber security systems? After all, these are the most advanced software companies...
I've always wanted to invest in forex/stock trading, after a few trials I realized that trading without a good mentor and guidance is a waste of time and money.
I have always wanted to expand my business but I could not do that because the cash was not forth coming as I had planned. Getting referred to Mr Andy Calistoga played a great role in that vision. Mr Andy is a great mentor and the best trader/Account manager on my list.
Honesty and trust means a lot to me that's why I still trade with Mr Andy. It's been 7months now and I haven't had reasons to doubt his competence. Traders/Account managers like him are hard to come by.
Not all traders get the opportunity to start trading on a good note,i'm glad that Mr Andy gave me that opportunity. i made about $8,450 in my first trial, I think that's a good note.
@@SpikyCat I don’t support trump or any party but how dumb could they say this is trump/administration fault, is not like he own the company, he just a leader of a country not a leader of google or solawinds wtf
I was asked to setup an SFTP server with no need for credentials to connect to. I was able to do it only with SolarWind's software and I was thinking "wow that's risky" but proceeded anyway since that was the goal. And now this... Moral of the story, if you want security use Open Source software instead of crappy software from a shady company.
The biggest problem on how to react to this is that the US also likes to use such tools. So if a Cyberattack would be considered an attack, that should be answered by force they would have big troubles in their own operations. f.e. they spied on the German chancellor with the NSA.
Here's a novel Idea( was just wondering thought) what if A I. Is capable of doing this? And it rights for it's self. Between A.I. and hackers these are some very scary times! It's just batwing nuts!
The bigger news is the millions in call options sold by the companies biggest stake holders hours before the news was released. Even WSB’s weren’t able to get in on that action.
My ex girlfriend is a project manager for solar winds. I would help her with some of her programming. There was one issue that her and her team couldn’t solve, so they brushed it under the rug. This was around that time. Hopefully she got fired along with her team lmao😅
What you do, is submit, strict, I mean strict sanctions, to all allies, of Russia. It’s like the saying, I’m gonna hit you where it hurts you the most, and that’s the only way to battle these people.
@@pfzht yes I do agree China as well, and keep an eye on Russia, under cyber attacks, when we had Trump in office he did not take care of us against Russia.
@@pfzht actually sorry to say that you are wrong, Donald J Trump let Putin and the Russians, do whatever they want within the country, and outside of our country, like Syria, my grandfather who fought in World War II, my uncle who died in Vietnam, they’re not losers and suckers, so either you’re not a true American, or you are a Russian bot, sitting in a cubicle in Saint peters Russia, getting $.20 for each comment that you make. PS I’m also against China, and its policy, I am for America first, and made in the USA.
The Trojan spoken in this report was created in Isreal some 2 years ago but was improved by Russians and some other countries. This Trojan can be purchersed in DEEpWeb.
I would add a missing and needed perspective lay people won't understand on their own... First, Calling this a "Supply channel" type of malware is a real misnomer. Normally you think of supply channels as raw material sources vendor selling product that will be made into something finished or better. The Solarwinds compromise and attack is none of that. The Solarwinds attack is actually a potential vulnerability that has existed practically since the first simple computer app was created, that by either an internal mistake or compromise by malicious actor, anyone who has access to the application's source code could cause the application to do unexpected and potentially harmful things to anyone running the application. When it became recognized that applications often were created with flaws and therefor needed to be updated, then another potential attack vector appeared. This is not something unexpected or surprising to the software industry. In fact, squashing bugs (code that doesn't work properly) is a normal process of creating software from the beginning. And, the updating vector is also well known as a potentially disastrous target attractive to malicious actors, which is why the tools and methods for updating are well known and proper practices are so well known and practiced by everybody. Any lay person has seen for themselves numerous updates on their own computing devices... The Windows OS itself, applications running on their PC, their phones and the applications running on their phones... And those are just the visible updates. Those and many other updates are happening all the time across the billions of computing devices globally over the Internet, and with nearly 100% certainty they are all doing it safely without compromise. Solarwinds made a mistake somewhere, there's no question about it. Whatever it is, they might not have used the right software tools for to store their code. Maybe they didn't set up adequate security for their code development. Maybe they didn't vet their coders. Maybe they didn't vet their SysAdmins. Maybe their security was compromised. For consideration, this type of compromise has a single high profile precedent... When the Ukranians had an anti-Russian government, the Russians similarly compromised the updating process of the most popular bookkeeping app used in the Ukraine... Imagine if someone compromised Quicken and Turbotax in the USA and from that compromised every computer running those apps... That's what happened in Ukraine. The point is... The Solarwinds compromise is a serious attack of the highest order, the potential effect can't be exaggerated. There won't be any quick answers about the extent of the full effects of the compromise, and will take enormous effort by talented computer forensics a long time to ferret out everything that was affected. There is zero reason to believe that the same compromise will be replicated to other updating systems. Am I too optimistic? Perhaps. But, the tools to write proper, secure updating exists everywhere and is commonly used everywhere. If a compromise happens again, it's because coders don't know what they're doing and can't follow simple instructions. Is there anything the government can and should do about protecting its own systems to prevent a re-occurrence? That's really hard to say. In computing, there is an inescapable "web of trust" that exists for every hardware component in a computing system and every piece of software run on the system. It's incredibly huge to try to account for the myriad ways someone could insert malicious code in hardware and software. Inevitably, a lot of computing will have to be based on blind trust. But, it's possible to perform common mitigations through a practice of "Best practices." Buy your hardware and software applying common sense and according to certified and recommended vendors if possible. Hire some competent SysAdmins with at least basic knowledge of security and sprinkle in some experts. Architect networks with a secure topology and whitelist access to external resources (very different than blacklisting). Install IDS and IPS systems to keep watchful eye over traffic to identify any that look suspicious. And, educate the lay person using computing devices, everything from the usual avoiding phishing attacks to strong authentication methods to understanding what is private and sensitive that are not for public consumption. Do all that, and a Solarwinds type of compromise is both unlikely and if it should happen would be caught as quickly as possible. Granted, it's not going to guarantee certainty but keep in mind even if you did nothing to improve security the odds of a similar attack is still incredibly miniscule today.... Simply because no one really allows that kind of attack to happen.
So for 8 months the US Treasury data was being trapped into a bucket like maple syrup, but we don't know who's bucket! And even where the bucket is located. So how good a bucket of maple syrup was stolen?
These sort of stuff goes on all the time. Why the surprise? There is a reason why there are classified and unclassified systems, which follows different security requirements. A lot of people speaking in this video are not really bringing any real depth of information besides "ohh this is horrible and its like an act of war."
Trump isnt to blame. Solarwinds is to blame for not following basic security practices. Companies see lawyers as being cheaper than security and we're already starting to realize this. We need to not raise fines. We need to punish. 20% of profits for the next 5 years. No less. thannthat
" Once technology rolls over you, if you’re not part of the steamroller, you’re part of the road. "
- Stewart Brand
It may be a mere coincidence that the initial breach occurred about the same time as COVID lockdowns, but the fact that millions are now doing work from home and accessing "secure networks" away from the workplace means access to all this information, whether corporate or governmental, is highly vulnerable -- if not by hackers from a distant place, but from "employees" that can monetize valuable information from the comfort and safety of one's own home.
@@john15yt This is an excellent point, i've been wondering something along these lines.
"Rodo rola da"
- Dio Brando
Who cares whoever is behind it probably i. The United States shoot them in the head like bin laden end of that story
Technology isn’t smart enuff to stop a bullet attacking my company I would shoot them in the head but that is my opinion
Everyone is pointing at Russia yet no one is considering that it was Solarwind’s own fault by carelessly outsourcing their dev work to Eastern Europe
Because this was done for political gain, and blame Trump lol
It's 100% Solarwinds fault!
Not having enough cyber sercurity and network protections in today's digital age is like walking the streets of crime infested neighborhood with all your money and valuables dangling from your pockets, while your walking down the street blindfolded.
Because Solar wind is using dual use technology - the US government could have banned Solarwind services and products from USA government computer once the security compromise was detected , e.g. Huawei 5G network servers are a good example of dual use tech that is banned in USA computer systems, Hence, if solarwinds was given the same level of scrutiny as Hauwei then Solar wind technology would have been banned in the USA for not protecting its technology from possible security/defense breaches. However, the cows have left the barn -- so closing the barn doors is not going to help. I am sure the SVR guys are laughing their heads off right about now...
@@77Treasurehunter77 ... Nice. Blame the Victim. And a stupid analogy. The days of EVERYone just leaving their networks and systems wide open are long over. This is a software company. You don't think they are CONSTANTLY on the lookout for unauthorized intrusions??? The nation/state Hackers, including us, are always looking for ways "IN" to gather intelligence, steal proprietary information, or worst case.... set up the capability to damage or destroy critical infrastructure. If you discover, stop, and announce one "infection"... that player goes back to figuring out how to do it better next time !! It really IS a WAR out there right now.
Whats wrong with eastern europe? And what did Solarwind do wrong exactly? Just about anything connected to the internet can be hacked. Its when, not if.
One month and we all already forgotten about this lol
We are distracted by new president and impeachment trials
With the lead up to January 6th, the continuous fallout, and Inoguration it became exhausting to keep up...
I...along with MANY others have not! This is a huge story however MSM needs you to believe that all is well so you'll have that warm comfy feeling.....but the election was the most secure election ever!!🤨
And something or other happened in Nashville.
I didn't, I think they're planning a big one, the elites are, not Russia they'll blame it on who ever fits the narrative. Iran so we can finish the Pnac? A white surpremist? Oh we'll see what the next plan is! The WHO Did a simulation of a cyber attack just like they did for Pandemic, event 201 so they got something brewing! Website is not showing it anymore, page can't be found Hmmmm
r.search.yahoo.com/_ylt=AwrJ61MxGgxg09QAZQ5x.9w4;_ylu=Y29sbwNiZjEEcG9zAzUEdnRpZAMEc2VjA3Ny/RV=2/RE=1611434673/RO=10/RU=https%3a%2f%2fwww.who.int%2frisk-communication%2fsimulation-exercises%2fen%2f/RK=2/RS=BAd7RhcV6Ul7jRXXt.QKVo4lIco-
You think this was the biggest hack? 75 million people disagree with you.
Another RussiArmageddon....
I work in IT, and I know how careless many of my colleges are regarding cybersecurity.
From my perspective this huge cyberhack is not something shocking .
True, it seems like every company has to learn it on their own.... which is ridiculous but it seems like no one is looking to learn from the mistakes of others. I know companies who've been hit multiple times in a year and were still slow to pivot their security.
this is a well planned, made in the USA soil by russia or China
The last time i remember updates were suppose to strengthen your security but now it seems like we cant trust updates too.
Security for what? Comparing security for a laptop in bro Bob's basement to security against an attack by a nation state on a multi-billion dollar corporation doesn't make a lick of sense.
@@PristinePerceptions whats your point an update caused the hack of Goverments how much more me a civilian who knows nothing they'll probably be watching me right now
Thats an overly simplistic and misguided way of looking at software updates. You can trust that the developer means well. It is foolish to trust that they don't make mistakes or inadvertently introduced a security flaw however.
That's like saying "I used to remember door locks kept people out but now it seems we can't trust door locks too", you can never 100% trust anything
Except in this case a developer inserted an exploit. Makes me worry about .Net code generators.
it's scary that experts even say hacking can't be stopped
It's because we make it so easy in some cases. Hillary for one and her unsecured servers and people like Adam Schiff and others on the left intel committees are open to blackmail.
Any hacker can break into a government system. A good hacker will never let you know they were there. A great hacker will make it look like their enemy did it.
A hack like this is more then just intelligence gathering. Information or disrupting it can be a weapon.
They could have destroyed all of the hardware connected to this networks but that would have been to much destructive even for Putin, the internet network is beyond american borders and the backlash would have been global, what they wanted was information.
@@brunopimenta8204 information is a weapon now. Death by a thousand cuts. But you are right that everything is connected, so any disruption or attacks are going to backlash globally.
imagine turning off all the electricity in a whole country 🥶
The reason we can't detour this activity is because we do the same thing. Likely a "title for tat"
isn't it a tit for a tat?
@@FukcAUsername Not if your first language is Chinese.
0:42
"Microsoft, Google and other US Government entities..."
CNBC knows
Nice slip
Oh my god
The biggest hack of 2020 happened on November 3rd
"Microsoft, google and other us government entities" was most realistic sentence I heard from mainstream media in a while.
hmmm... does that have a meaning...or just a perception matter ???
Right? by far that sentence is the closest to the truth and reality that US government is in bed with corporations. Not that we didn’t know that already.
Google.gov and Microsoft.NSA have always been in bed with the US government.
“How do we deter cyber attacks” Snowden 🙀🙀
Its cool the way media still depicts hacking like the 90s movie "Hackers". Fast typing, green letters on backgrounds, lots of colons, when in reality hacking is more like scamming. But I guess its not as exciting to show people on the phone with customer service call centers.
This is misleading. Hacking mostly requires coding, but the execution of the hack involves social engineering or what you called a scam.
Almost all hacks require compromising credentials either brute force, keylogging, scamming, or social engineering
@@doomtomb3 Scamming requires coding. Phising, for example, requires a fake landing page which of course needs web design and coding. Brute force is also not manual input, it's a software algorithm doing the brute force. Keylogging needs access to target computer using other methods, but the keylogger itself is a software. Social engineering is the only one not requiring coding ability. So you're absolutely wrong.
@@jedys Excluding the social engineering, everything else is quite easy for me to do. lol
@@jedys bro all the tools are already free and open source, do you live under rock?
RUclips is getting real comfortable with the non-skipable ads 😑😑
Every new hack seems to be the biggest one ever
when most of your friends constantly attack you you might be the bully after all...
Russia isn’t our friend
@@Student0Toucher but you are the bully
The problems is thus people.
1. The US companies cyber security is the weak link in the chain.
2. Most companies have invested little to nothing in terms of cyber security.
3. Companies really rely on Microsoft and Apple fixing pieces of the problem for them. Which isn't a lot and both companies have problems of their own in terms of cyber security. Amazon is obviously joining the mix with AWS.
US companies need to be held liable for investing more into cyber security and personnel within their own company and not rely on Microsoft, Apple, and now Amazon to fix all the problems for them. CEO's seem to have very little grasp at how the network within their own companies work.
Companies think cause they have iOS or Windows and passwords that they are fine, but that's like locking the front door and then leaving all the other doors and windows unattended in your house. There are always other avenues of entry! In this case the infected pipeline of the supplier Solarwinds that feeds to the other customers who probably don't have checks of the info coming through the pipeline from their IT vendor.
It has little to nothing to do with the US government. It's a mindset fail of everyone in and out of government.
The thing is the government let's these companies do whatever they want. It's a lack of good technology policy and corporations losing somewhat of an edge in their own technological fields.
*It's unfair on how things has turned up to be due to the recent world pandemic things has been so difficult*
*we see complains here and there in the social Media from different people in different countries all around the world*
*The government has less or no time for their people anymore*
*I think we all should try to engage in different things to make money and stop hoping on the economy*
Yes ! For real It is very important to have different streams of income and a diversified portfolio as for me I have already invested in crypto which is very profitable and easy to gain
Exactly I'm also happy to start investing too than to have my money sleeping in bank
Stocks are good but we have to make the right plans
Yes Stocks are good but they are alot of businesses more convenient than stocks
That’s the fact well I only invested in stocks and will love to know a better investment too
Thanks for covering this.
But yet....our elections are the most secure! 😂🤣😂
Who are you trying to fool?!?
I agree. I was co owner of a big janitorial company. We cleaned many post offices, many banks, many clinics, a cpl of schools, and the biggest utility company in Central Texas. The Perdenales Electric Company.
I had access to every computer. And if we had Electronic Voting Machines in the 90s. I could of had access to those too. I knew where every camera and digital recording devices were.
Then 9/11 happened and almost every one of our contracts. Went to government ran janitorial contractors. We lost almost every contract to government contractors.
@@8arrows That’s just crazy!!
So sorry you lost contracts!!
But you know first hand how easy it would be.
Thank you for sharing that info 😉
Came here because I thought they were going to talk about the election bumping this from number 1.
Lesson. Always use 2 factor authentication.
That would not work to protect yourself from this attack
@thatguy 00 they said in the video that the way they found virus is because the virus was requiring everybody to update their two factor authentication and one person didn’t which then notified fireeye that the update, which was a fake update by virus, didn’t happen. So yes two factor authentication was hacked in this instance and did not work.
How the hell SolarWinds is still in business after this.
This is like Enron or Deepwater Horizon level screwup
after the CCP invested $600 million into Dominion and used as payments to SolarWinds for use of its software in the 2020 elections, their not hurting for money.
Check their stock price right now.
It's bad.
@@lee0495 the CCP owns 25% of SolarWinds
The amount of work and money to get away from a company like that is a lot. Takes a long time to build
If you don't know who hacked it how do you know it was Russians and not some other country?
the hackers left the word "zakladka" in their code 🤣
Biden read that very well. Good job, Joe. It looked very natural, especially the hatchet chop.
So....it turns out that we need a Cyber Force much more than a Space Force
You don't seem to understand what the NSA is at all. You tried to jab Trump but only made yourself look foolish.
www.nsa.gov/what-we-do/
@@77Treasurehunter77 The joke flew by you very fast?! He could very well mean that the Space Force is a waste and other things need much more attention, like reinforcing the cyber defence.
We need both. And we do have a cyber force it’s called the fbi and cia
@@dimitris.p.kepenos pretty much....
In my view, there are more than just binary choices. Funny how expressing a questioning of policy priorities turns into allegiance questions and casting doubts using tangential subject matters that are anecdotally related at best
No one can fight hackers, only other hackers can fight them back!
hahahah........that's a very 1D way of looking at the world.
@@77Treasurehunter77 what are other ways ?
@@thisismarkbro 2d and 3d
the developers that build the targeted software can fight hackers
@@minocs no they can not, hackers have their very own programs to fight other hackers. Developers that build dont count with some special "tools" that hackers have.
I am surprised CNBC didn't find a way that this "disproportionately effects black and brown people."
No, SolarWinds solution was to hire the #1 cloud cybersecurity company, Crowdstrike. Smart choice.
Wow. It took a whole 37 seconds to blame it on Trump.
They still don't know if it was Russia or not.
This is crazy
Unclassified data only? Sounds like that’s a failed mission
Well, that's all they're admitting to.
There are known knowns and known unknowns but there are also unknown knowns.
-Rumsfeld probably
According to the media, you can't hack without a hoodie, or it is not possible!!
True. It was a serious lapse to not check for guys wearing hoodies.
I don’t even remember this happening wtf?
That's the idea. Goldfish memory brought to you by media programming.
Please research and report on the rumblings that there are approx 250 000 CHINESE MILITARY TROOPS on the Canadian and Mexican borders!!! Why would they possibly be at the freaking gate? And who plans to let them in?
It looks so odd that all these tech giants fell for such hack, how come Microsoft, Apple, Google doesn't prepare their cyber security systems?
After all, these are the most advanced software companies...
They didnt, these companies use Solarwinds and once solarwinds was infected so were they after a new update
I've always wanted to invest in forex/stock trading, after a few trials I realized that trading without a good mentor and guidance is a waste of time and money.
I have always wanted to expand my business but I could not do that because the cash was not forth coming as I had planned. Getting referred to Mr Andy Calistoga played a great role in that vision. Mr Andy is a great mentor and the best trader/Account manager on my list.
Honesty and trust means a lot to me that's why I still trade with Mr Andy. It's been 7months now and I haven't had reasons to doubt his competence. Traders/Account managers like him are hard to come by.
Not all traders get the opportunity to start trading on a good note,i'm glad that Mr Andy gave me that opportunity. i made about $8,450 in my first trial, I think that's a good note.
(Andycali924 (ät) yahoo çom)
One problem is that America blames other countries for different things, but often time they have no concrete evidence or any evidence at all.
love how they used stock footage of someone using an iPhone running a version of iOS at least older than iOS 7
Bro, did we not expect them to hit us when our guard was down? What was the Trump administration even doing?
Worrying about votes
ah yes, trump is for sure responsible for a hacking of a private company
@@SpikyCat I don’t support trump or any party but how dumb could they say this is trump/administration fault, is not like he own the company, he just a leader of a country not a leader of google or solawinds wtf
This is great info. Well done.
I was wondering why the internet was so messy last year.
Nord VPN has entered the chat
how did they determine it was the Russians, it could have been the chinese for all we know?
Cozy bear
You will be surprised what you can find with digital forensics and investigation.
I was asked to setup an SFTP server with no need for credentials to connect to. I was able to do it only with SolarWind's software and I was thinking "wow that's risky" but proceeded anyway since that was the goal. And now this...
Moral of the story, if you want security use Open Source software instead of crappy software from a shady company.
Not Russian, re-routed to China and India, and us
Came here to know how attack happened. Was it inside job? How software was compromised? Wrong title.
When the robber thinks his profession is more noble than the thief
You can’t have the freest information system and networks without having vulnerabilities of data leakage and misinformation.
the narrator sounded like joe rogan, i thought i was on the wrong channel for a second
Wtf no he doesn’t🤣
The biggest problem on how to react to this is that the US also likes to use such tools. So if a Cyberattack would be considered an attack, that should be answered by force they would have big troubles in their own operations. f.e. they spied on the German chancellor with the NSA.
which is exactly why i find all this outrage very hypocritical and one sided. God only knows what else they've been doing in the dark we don't know...
America can only supersize your meal, nothing more
Could I get that with a large strawberry shake please ?... :-)
Soon there will be splinternets and this will become a game changer going forward.
Soon? That's already happened/happening..
@@ImARealHumanPerson what are splinternets ?
What are splinternets? I'm a bit computer illiterate....
Go to know, thanks for the information, not sure how I missed this several months ago 👍
Here's a novel Idea( was just wondering thought) what if A I. Is capable of doing this? And it rights for it's self. Between A.I. and hackers these are some very scary times! It's just batwing nuts!
Oh, I thought this was going to be about the Dominion voting machines. Never mind.
What do you mean nevermind. Do you not want to learn more?
The bigger news is the millions in call options sold by the companies biggest stake holders hours before the news was released. Even WSB’s weren’t able to get in on that action.
Why wasn’t China mentioned even once??
The world does not revolve around China?
where is CNBC After Hours?
Now you want to bring this up?!
Russia Russia Russia. Always using russia to cover your tracks. People are not buying this. 😂😂
My ex girlfriend is a project manager for solar winds. I would help her with some of her programming. There was one issue that her and her team couldn’t solve, so they brushed it under the rug. This was around that time. Hopefully she got fired along with her team lmao😅
America ... Your century is long gone. Be ready to be a second class citizen of this planet.
This was surprisingly good, I was ready to check another video for a deeper insight, now I don’t need to.
Looks like nobody in america's been listening to a single word of this report!
Is this why Google shut down last year?
what happened to after hours? bring it back to youtube!
Now what will America do???
😑😑😑😑😑😑😑
Wag their finger at Russians as they continue to buy their oil
What you do, is submit, strict, I mean strict sanctions, to all allies, of Russia.
It’s like the saying, I’m gonna hit you where it hurts you the most, and that’s the only way to battle these people.
More concerned about China.
@@pfzht yes I do agree China as well, and keep an eye on Russia, under cyber attacks, when we had Trump in office he did not take care of us against Russia.
@@moisesperez4605 yes, Trump did take care of US interests and better than any before him.
@@pfzht actually sorry to say that you are wrong, Donald J Trump let Putin and the Russians, do whatever they want within the country, and outside of our country, like Syria, my grandfather who fought in World War II, my uncle who died in Vietnam, they’re not losers and suckers, so either you’re not a true American, or you are a Russian bot, sitting in a cubicle in Saint peters Russia, getting $.20 for each comment that you make. PS I’m also against China, and its policy, I am for America first, and made in the USA.
And say hello to WW3
Best way to eliminate cybercrime - eliminate bitcoin.
Why is it when there are hacking incidents it's always Russia?! I just noticed.
Because Russia is the world leader in Computer Science technology and education.
just to make clear this hack could start a new war maybe even a new world war
Awesome stuff! New subscriber here!
When the top gets hack (Microsoft, Cisco, and DOJ, etc.), you can’t really do anything about it…
The Trojan spoken in this report was created in Isreal some 2 years ago but was improved by Russians and some other countries. This Trojan can be purchersed in DEEpWeb.
I would add a missing and needed perspective lay people won't understand on their own...
First,
Calling this a "Supply channel" type of malware is a real misnomer. Normally you think of supply channels as raw material sources vendor selling product that will be made into something finished or better. The Solarwinds compromise and attack is none of that. The Solarwinds attack is actually a potential vulnerability that has existed practically since the first simple computer app was created, that by either an internal mistake or compromise by malicious actor, anyone who has access to the application's source code could cause the application to do unexpected and potentially harmful things to anyone running the application. When it became recognized that applications often were created with flaws and therefor needed to be updated, then another potential attack vector appeared.
This is not something unexpected or surprising to the software industry. In fact, squashing bugs (code that doesn't work properly) is a normal process of creating software from the beginning.
And, the updating vector is also well known as a potentially disastrous target attractive to malicious actors, which is why the tools and methods for updating are well known and proper practices are so well known and practiced by everybody.
Any lay person has seen for themselves numerous updates on their own computing devices... The Windows OS itself, applications running on their PC, their phones and the applications running on their phones... And those are just the visible updates. Those and many other updates are happening all the time across the billions of computing devices globally over the Internet, and with nearly 100% certainty they are all doing it safely without compromise.
Solarwinds made a mistake somewhere, there's no question about it.
Whatever it is, they might not have used the right software tools for to store their code. Maybe they didn't set up adequate security for their code development. Maybe they didn't vet their coders. Maybe they didn't vet their SysAdmins. Maybe their security was compromised.
For consideration, this type of compromise has a single high profile precedent... When the Ukranians had an anti-Russian government, the Russians similarly compromised the updating process of the most popular bookkeeping app used in the Ukraine... Imagine if someone compromised Quicken and Turbotax in the USA and from that compromised every computer running those apps... That's what happened in Ukraine.
The point is...
The Solarwinds compromise is a serious attack of the highest order, the potential effect can't be exaggerated.
There won't be any quick answers about the extent of the full effects of the compromise, and will take enormous effort by talented computer forensics a long time to ferret out everything that was affected.
There is zero reason to believe that the same compromise will be replicated to other updating systems. Am I too optimistic? Perhaps. But, the tools to write proper, secure updating exists everywhere and is commonly used everywhere. If a compromise happens again, it's because coders don't know what they're doing and can't follow simple instructions.
Is there anything the government can and should do about protecting its own systems to prevent a re-occurrence? That's really hard to say. In computing, there is an inescapable "web of trust" that exists for every hardware component in a computing system and every piece of software run on the system. It's incredibly huge to try to account for the myriad ways someone could insert malicious code in hardware and software. Inevitably, a lot of computing will have to be based on blind trust. But, it's possible to perform common mitigations through a practice of "Best practices."
Buy your hardware and software applying common sense and according to certified and recommended vendors if possible. Hire some competent SysAdmins with at least basic knowledge of security and sprinkle in some experts. Architect networks with a secure topology and whitelist access to external resources (very different than blacklisting). Install IDS and IPS systems to keep watchful eye over traffic to identify any that look suspicious.
And, educate the lay person using computing devices, everything from the usual avoiding phishing attacks to strong authentication methods to understanding what is private and sensitive that are not for public consumption.
Do all that, and a Solarwinds type of compromise is both unlikely and if it should happen would be caught as quickly as possible. Granted, it's not going to guarantee certainty but keep in mind even if you did nothing to improve security the odds of a similar attack is still incredibly miniscule today.... Simply because no one really allows that kind of attack to happen.
It was Cyberdyne Systems.
What lol
"Brawndo...It's got what plants crave."
Why don't American do counter cyber attack, just sit there and take it wtf ?
Russia obviously thouGht this was about real solar winds like plasma winds like I did 😂🤣🤣
RUclips is showing me ads in an unknown language. 🤔
Jon Lindsay is surprisingly okay with this.
So for 8 months the US Treasury data was being trapped into a bucket like maple syrup, but we don't know who's bucket! And even where the bucket is located. So how good a bucket of maple syrup was stolen?
They came from WASHINGTON STATE to ELSA TEXAS...
U.S. is gonna fall because the government got comfy
Why not look a lot closer to home? The NSA would have just as much interest in obtaining the information stolen.
If you don’t understand cyber security, you are not qualified to talk about the political side of this
Well if you are convinced about that then hack them back as retaliation.
Our actions in 2016, will continue to haunt us.
But now other countries should learn from this so it doesn't happen to them
I don't know but could AI disrupt this sector?.
Not yet.
These sort of stuff goes on all the time. Why the surprise? There is a reason why there are classified and unclassified systems, which follows different security requirements. A lot of people speaking in this video are not really bringing any real depth of information besides "ohh this is horrible and its like an act of war."
oes Solar wind/Orion have anything to do with General Atomics?
Trump isnt to blame. Solarwinds is to blame for not following basic security practices.
Companies see lawyers as being cheaper than security and we're already starting to realize this. We need to not raise fines. We need to punish. 20% of profits for the next 5 years. No less. thannthat
8 months undetected? Wow
IF THE GOVERNMENT CAN DO IT OR HAVE IT WE CAN
4:25 Holy moly.