These past 30 days have been the worst I've ever seen. Forget about 900 million Yahoo accounts that nobody really ever used listed for sale on the dark web. Don't get me wrong, there's risk there for idiots who reuse passwords across applications and services, but the shit is upon us now in all new ways.
The level of sophistication is unparalleled, maybe even unstoppable at this point. FireEye, considered by some to be the nation's leading cybersecurity company was not only hacked, but their offline vault of the most secretive offensive and defensive cybersecurity/hacking tools in existence was compromised, forcing them to release portions of representative code to the IT world in order for us to monitor for and, maybe, prevent additional attacks.
SolarWinds, maybe the most well known and one of the most well regarded remote monitoring and management software vendors in the world, appears to have been hacked in some fashion, be it directly or indirectly through its customers. There is more to be discovered on this angle, but SolarWinds is used at most Fortune 500 companies, the top 10 US telecom carriers, all five US military branches, the US Dept of State, the NSA (previously hacked, in what was previously the hackerworld's crown jewel achievement), and the White House.
It appears that the US Treasury Dept's Microsoft 365 control console was compromised and those responsible have been reading every inbound and outbound email for months. This is an incredible "holy shit" moment for IT professionals worldwide. Why? Because one of two things happened: Either dipshit IT people at the Treasury didn't have multifactor authentication and other security hardening features applied to their M365 tenant and administrator accounts or these brilliant cocksuckers have worked around what we thought were near infallible tools if properly implemented. And it appears to be the latter (from the Reuters report):
The hackers are “highly sophisticated” and have been able to trick the Microsoft platform’s authentication controls, according to a person familiar with the incident, who spoke on condition of anonymity because they were not allowed to speak to the press.
Here's the rub. All signs point to Russia. Not just everyday Russians, but Russia, as in nation-state actors following directives from their government. This is Joe Biden's first crisis, and I don't use that term lightly. Our federal government cannot function in 2020 in a vacuum. It cannot perform the day-to-day operations necessary to provide services to its citizens and offer the type of protections we require as the freest nation on Earth. President Trump has checked out and is powerless as a lame duck. He's not authorizing an attack on anyone at this point. This is on Joe Biden. What will he do?
What would I do? Great question, everybody. I would unleash the MOAB of cyberattacks on Russia, shutting down their financial networks, causing blackouts in their cities, shutting down production in their manufacturing plants, and scrambling to hell their air traffic controls (everything except hospitals/healthcare). Bring them to the negotiating table (along with China) and hopefully it's the trigger that brings digital peace to all countries.*
His other option is a military attack against Russian cyber assets, but that's risky in ways that may not bring the same level of success, since these assets are buried deep inside Russian territory and I'm certain Russian air defenses are up to the task of thwarting such an attack. He could have every Russian in Syria killed, I suppose, and claim a tactical error was made. Sorry about those missile strikes and bombings, yo. None of the military options are likely realistic, but neither is what's currently happening with Russia living in our IT networks on the reg.