SolarWinds Breach Happens Over "solarwinds123" Password, Expert Warned in 2019
By Madz D.
In 2019, SolarWinds was already warned by a security expert to change its password of "solarwinds123." Today, the company was hacked.
Password "solarwinds123" can easily be identified
According to Reuters, SolarWinds in 2019 has a password, "solarwinds123," which anyone can access. After several days of a massive hack of the Austin-based SolarWinds was made public, the revelation came. The attack was confirmed to have infiltrated the U.S. government agencies.
Experts warned SolarWinds
On Tuesday, Reuters reported that experts are now tracing the steps to identify weak security points that hackers have taken advantage of. Vinoth Kumar, a security expert, told Reuters that he warned SolarWinds about setting the password for a secure server as "solarwinds123."
"This could have been easily done by any attacker," Kumar told the publication. Meanwhile, Business Insider requested for comment, but SolarWinds did not immediately respond.
The attack mainly involved hackers who plugged malware into the IT company's Orion software distributed to nearly 18,000 clients later. SolarWinds has over 300.000 clients which many are Fortune 500 companies, including AT&T, Microsoft, McDonald's, and several government agencies. However, it is unclear which clients were affected by the hack.
Hackers indeed gained access to official networks such as the U.S. Treasury, the Trump administration admitted. Besides, the State Department and the Department of Homeland Security are confirmed to have been hacked.
The hackers were able to stalk the companies and federal agencies for months, freely peruse private communications and victims' files sent by the U.S. government's top brass, as per Business Insider. In March, as the COVID-19 pandemic started setting into the U.S., hackers gained access and were able to steal data, which were not detected by the IT company.
This week, the hack was made public, and the authorities directed clients running the Orion software to disconnect from the software.
US Senators requested details from FBI on cyber attack
A bipartisan group of senators requested a government-wide report regarding SolarWinds' "highly sophisticated" cyberattack from the FBI and the Cybersecurity and Infrastructure Security Agency (CISA).
Newsweek reported via MSN that the business software company based in Austin lists the State Department, Pentagon, National Security Agency, White House, and all U.S. military branches among its client base. The vital details about the breach have not been made public, specifically how the U.S. military or the White House was deeply affected.
The leaders of the Senate committee commerce, science, and transportation, as well as the appropriations subcommittee on justice, commerce, science, and related agencies, wrote to Christopher Wray, the FBI director, and Brandon Wales, the CISA acting director, to request particular details on the hack, its possible implications, and its victims.