SolarWinds officials blame intern for ‘solarwinds123’ password


Photo: Kirill Kudryavtsev / AFP via Getty Images

The SolarWinds drama just won’t stop. It’s a story of Russian hackers, and potentially Chinese hackers, alleged email spying, and a huge security hole that seems to get worse as more details come to light. Now, we can add another twist to the story: the ridiculously insecure password “solarwinds123”. In this case, SolarWinds would like you to know that it was the intern’s fault.

In a joint hearing on Friday, former SolarWinds CEO Kevin Thompson told representatives of the House Oversight and National Security Committees that the password “solarwinds123”, which protected a server at the company, was “related to a mistake made by an intern that violated our password policies.” Thompson explained to lawmakers that the intern had posted the password on his own private GitHub account.

“As soon as he was identified and brought to the attention of my security team, they removed him,” Thompson said.

The password security issue dates back to at least 2018, although testimony provided by SolarWinds on Friday indicates that it could go back even further. In December, security researcher Vinoth Kumar told Reuters that he had warned SolarWinds that anyone could access its update server using “solarwinds123”. CNN reported that the password had been accessible online since at least June 2018.

However, at the hearing, Sudhakar Ramakrishna, current CEO of SolarWinds, told lawmakers that the password “solarwinds123” was used on one of the intern’s servers in 2017.

According to CNN, Kumar showed SolarWinds that the password allowed him to log in and deposit files on his server. This was a way for any hacker to upload malicious programs to SolarWinds, the researcher claimed.

“I have a stronger password than ‘solarwinds123’ to prevent my kids from watching too much YouTube on their iPad,” Rep. Katie Porter, D-California, told SolarWinds officials at the hearing.

However, at this point, it is still unclear whether the password leak played a role in the SolarWinds hack, which is believed to be the largest foreign intrusion campaign in American history, CNN noted. This month, White House National Security Adviser Anne Neuberger stated that approximately 100 different companies and nine federal agencies, including the one that oversees the country’s nuclear weapons, had been compromised by foreign hackers.

The government is currently investigating the hack, and it is not yet clear what data the hackers might have accessed. The investigation is expected to take several months. Kevin Mandia, CEO of FireEye, the cybersecurity company that discovered the hack, has said that we may never know the extent of the attack.

“The bottom line: We may never know the full range and extent of damage, and we may never know the full range and extent of how stolen information benefits an adversary,” Mandia said.

However, we do know one of the victims of the attack: a poor unnamed intern that SolarWinds threw under the bus.

