Someone asked me to provide a simple description of what this SolarWinds hack is all about. So for anyone who is confused by the technical details, here's a thread with a simplified explanation of what happened and what it means.
The maker of software that is used in the highest echelons of gov, including the White House and NSA, was compromised by attackers who slipped malicious code into the software maker's trusted code without the software maker knowing it. The code got distributed to its customers
That malicious code, once it infected customer systems, opened a backdoor into those systems and contacted the hackers to let them know the door was open for them to surreptitiously enter those systems and begin stealing sensitive data on those networks.
The hackers did this back in March and their activity was only recently discovered - this means they have been inside gov systems all these months stealing data and spying on gov workers without anyone knowing until now. They also infected telecoms and other company networks.
Here is a list of some of the customers who use the software made by the software maker (their name is SolarWinds). All of these were potentially compromised. Image
What does this mean for average person and their data? This is a national security hack conducted by a nation-state (Russia) and focused on high-value targets/data. While it's possible yr personal data could have been compromised, it's more likely not what the hackers were after.
But there's a lot that's still unknown about the operation -- who all was compromised and what data or secrets were stolen.

• • •

Missing some Tweet in this thread? You can try to force a refresh

Keep Current with Kim Zetter

Kim Zetter Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!


Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @KimZetter

24 Nov
Using supposedly impregnable encrypted phones, Serbian hit men discussed plans to kill a judge. But as they texted, their messages also flashed up on the computer screens of a secret police team in Belgium that had hacked into the messenger service they were using, Sky ECC.
Sky sold phones w/ encryption software installed and GPS/camera/microphone disabled. Messages got automatically deleted after 48 hrs if contact wasn’t reachable, and devices could be wiped remotely. Sky said platform was impenetrable and offered $5 mil to anyone who could hack it
Authorities found Sky server in northern France and worked w/ officials to get access. At first they could only see metadata, not messages. Until an international team of hackers found way to decrypt about half of the 3 million daily messages, and used keyword filters to sort
Read 7 tweets
24 Nov
Sebold, author of the novel Lovely Bones, was assaulted as a college freshman. She later identified Broadwater as her attacker in court, though she'd identified someone else in police lineup. Broadwater was falsely convicted from her identification of him and faulty hair analysis
Wondering how the film adaptation of Sebold's memoir "Lucky" will handle the news revealed today that the person Sebold identified as her attacker years ago was not the person who attacked her.…
Interesting detail. It was due to film adaptation of Sebold's memoir that Broadwater’s conviction was overturned. Producer on film grew skeptical of Broadwater’s guilt when reading the script. He dropped out of film project and hired private investigator.…
Read 4 tweets
26 Sep
Wild story that comes just as UK court set to decide if Assange should be extradited to US. Pompeo wanted CIA to assassinate Assange for role in publishing CIA’s Vault7 hacking tools & DNC emails. Actual scenarios were proposed. Great reporting @zachsdorfman @SeanDNaylor @Isikoff
Potential Assange escape set off wild scramble among US, UK and Russian spy agencies who all stationed undercover operatives around embassy. “every human being in a 3-block radius was working for one of the intel services—whether they were street sweepers or…security guards”
Obama administration, fearful of interfering w/press freedom restricted investigations into Assange/WikiLeaks. “We were stagnated for years. There was a reticence…to allow agencies to engage in” certain kinds of intel collection against WikiLeaks, including signals & cyber ops.
Read 4 tweets
24 Sep
A draft report of the controversial Maricopa County election audit shows that Biden won by more votes than previously believed. The report shows that Biden gained 99 votes in the recount and Trump lost 261.…
In the Arizona senate race between Republican Martha McSally and Democrat Mark Kelly, both candidates lost votes in the recount, though Kelly still came out as the winner in the race, according to the draft document. Kelly lost 60 votes in the recount; McSally lost 541 votes.
Several copies of the draft report have been circulating among media outlets on Thurs, raising questions about its authenticity. But a local ABC news station obtained a copy of the draft report directly from secretary of state thru records request; it matches circulating versions
Read 4 tweets
15 Sep
Should be noted that he was only fired last wk, days before a public hearing into bureau’s flawed investigation of the sex-abuse allegations - the agent learned about allegations in 2015. Recent inspector general report also found that he lied to investigators about it
Although the agent interviewed a gymnast in 2015 about abuse allegations, he didn't write report until 17 months later. Nassar was arrested in late 2016. Between 2015 when the agent learned about the abuse and Nassar's arrest, Nasser went on to abuse between 70-120 more victims.
During this same period, the fired FBI agent's boss Jay Abbott was speaking with US Gymnastic's about a job for Abbot with the Olympics Committee. Abbott applied for the job but later lied to investigators with the inspector general's office and said he never applied for the job.
Read 4 tweets
25 Aug
Then they aren't reading their mail, because ballots for the election have already been sent out. Every active registered voter in the state should have received theirs by now. They were mailed beginning Aug 16.
The bigger issue for Dems in recall election is design of CA mail-in ballot. There are 2 sides. One side has lengthy list of candidates vying to replace Gavin Newsom. The other has single question: Do you want Newsom recalled? Most will miss that recall question and leave blank.
Another way CA voters will get tripped up in recall election -- in some cases officials mailed both a sample ballot and the official ballot in same envelope, which will lead some voters to fill out and return the sample ballot by mistake…
Read 4 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Thank you for your support!

Follow Us on Twitter!