Someone asked me to provide a simple description of what this SolarWinds hack is all about. So for anyone who is confused by the technical details, here's a thread with a simplified explanation of what happened and what it means.
The maker of software that is used in the highest echelons of gov, including the White House and NSA, was compromised by attackers who slipped malicious code into the software maker's trusted code without the software maker knowing it. The code got distributed to its customers.
That malicious code, once it infected customer systems, opened a backdoor into those systems and contacted the hackers to let them know the door was open for them to surreptitiously enter those systems and begin stealing sensitive data on those networks.
The hackers did this back in March and their activity was only recently discovered - this means they have been inside gov systems all these months stealing data and spying on gov workers without anyone knowing until now. They also infected telecoms and other company networks.
Here is a list of some of the customers who use the software made by the software maker (their name is SolarWinds). All of these were potentially compromised.
What does this mean for average person and their data? This is a national security hack conducted by a nation-state (Russia) and focused on high-value targets/data. While it's possible yr personal data could have been compromised, it's more likely not what the hackers were after.
But there's a lot that's still unknown about the operation -- who all was compromised and what data or secrets were stolen.
AT&T paid hackers $370,000 to delete call records stolen from its Snowflake account. They provided video to AT&T showing deletion. It's believed to be the only complete set of the data stolen, though the hackers shared small snippets with a few people wired.com/story/atandt-p…
AT&T learned about breach mid-April and paid the hackers on May 17, but didn't report the breach publicly until this last Friday when they published a blog post and filed a regulatory disclosure with the SEC. AT&T had received a reporting exemption to withhold public reporting.
When AT&T paid the hackers in May, the one allegedly directly responsible for stealing it - John Erin Binns - is believed to have already been arrested in Turkey where he was living. The arrest was not for the AT&T breach, however, but for the breach of T-Mobile back in 2021.
Car bomb that killed daughter of Putin ally Alexander Dugin was smuggled into Russia in hidden compartment of a cat crate. The op was part of a raging shadow war being conducted by Ukraine's SBU spy agency, which has forged deep bonds with CIA since 2014 washingtonpost.com/world/2023/10/…
"The cluttered car carrying a mother and her 12-year-old daughter seemed barely worth the attention of Russian security officials as it approached a border checkpoint. But the least conspicuous piece of luggage — a crate for a cat — was part of an elaborate, lethal plot."
Since 2015, CIA has spent millions to transform Ukraine’s intel services into allies against Putin. It's provided advanced surveillance systems, trained recruits in Ukraine/US, built a new headquarters for Ukraine's military intel agency, and shared unprecedented amounts of intel
Thousands of IT workers contracting with US companies have for years secretly sent millions of dollars of their wages to North Korea to fund its weapons programs. They worked remotely with companies around US and used false identities to get jobs, per FBI apnews.com/article/north-…
According to DoJ, North Korea dispatched thousands of skilled IT workers to live in China and Russia with the goal of getting hired by companies in the US and elsewhere as freelance remote employees. In some cases the workers infiltrated company networks and stole info from them
"the workers used various techniques to make it look like they were working in the US, including paying Americans to use their home Wi-Fi connections"
Millions of emails intended for US military - including highly sensitive info - have been misdirected to Mali instead, due to people typing .ml in address instead of .mil. This, despite repeated warnings for a decade to double-check address before sending ft.com/content/ab62af…
One misdirected email contained the travel itinerary for an upcoming trip to Indonesia by General James McConville, army's chief of staff. It included a full list of hotel room #s for the general and 20 others, as well as details on how to collect his key at Grand Hyatt in Jakarta
A Dutch internet entrepreneur named Johannes Zuurbier reported the problem to US military 10 years ago. Zuurbier has a contract to manage Mali's country domain and has collected misdirected emails - nearly 117,00 of them - since Jan to show the gov how bad the problem is
"To people unfamiliar with the American criminal justice system, Baldwin’s decision sounds reasonable: Something terrible happened, and he wanted to help. But...if you are involved in a serious incident, it’s best not to talk to the police unless you have an attorney present."
"despite the ritualistic incantation of the Miranda warning on every TV police procedural, silence is a right that people can find hard to accept....Refusing to talk to the police seems like something people do only when they’ve got something to hide."
"courts have given the police wide leeway to lie to people being interrogated. 'They will lie...about what crime they are actually investigating, whether they regard you as a suspect,...what evidence they have against you...even about what [other] witnesses have or have not said"
During press call discussing Zelensky visit tomorrow, WH said US consulted closely with him “on the security parameters of him being able to depart” Ukraine. “He concluded that those security parameters were met. What he needed, we agreed with...and..we are executing accordingly"
Biden/Zelensky discussed visit to US in phone call Dec. 11 then WH extended formal invite to come Dec 21st. Visit was only confirmed Sunday. Zelensky “indicated he was very keen” that his first visit outside of Ukraine be to the US to thank the US public for support given Ukraine
Tomorrow marks 300th day since Russian invasion. Zelensky will have extended sitdown w/Biden, meet key natsec team members/cabinet, address public at press conf then joint session of Congress late aftrnoon/eve, before returning to Ukraine after “just a few short hrs” in US