Updated SolarWinds..☕📜

H/T: @melissa5053

Electric Power Industry Leaders Have Taken Note. The Electricity Subsector Coordinating Council, A Group Of Energy Industry CEOs That Meets Regularly With Top Government Officials, Held A "Situational Awareness Call" About Potential Threats To The Grid..
"The Electric Power Industry Takes All Vulnerabilities And Threats To The Energy Grid And Our Supply Chains Very Seriously, Including The Latest SolarWinds Orion Platform Vulnerability That Cuts Across Many Sectors," ESCC Said In A Statement
Kimberly Mielcarek:

"It Was Not Immediately Clear How The Global Intrusion Campaign Could Affect The Operational Technology That Keeps The Lights On And Oil & Gas Facilities Online. But Experts Said Some Critical Infrastructure Operators Rely On Orion And Had Been Hacked"
Suzanne Lemieux, Manager Of Operations Security And Emergency Response Policy At The American Petroleum Institute, Said Oil And Gas Companies "Work Tirelessly To Maintain And Improve Their Defenses."
SolarWinds Said In A Securities And Exchange Commission Filing That It Believes "Fewer Than 18,000" Users Of Its Orion Monitoring Tool Were Vulnerable To Being Hacked
In March, Hackers Have Hijacked Software Updates For Orion Products, Injecting Them With Malware Dubbed "Sunburst." The Hacked Updates Become A Trojan Horse For The Hackers To Breach The Networks Of Orion's Clients
When A Victim Downloads A Seemingly Trustworthy Orion Patch "Much Like Updating Apps On Your Phone" The Hackers Get A Back Door Into The Target Computer System
Rob Lee, CEO Of Dragos, Inc Notes That In Some Cases The OEMs Don’t Just Have Access To Customer Networks — They Actually Directly Infected Their Customers With The SolarWinds Software. That’s Because Some Of Them Use SolarWinds Not Just On Their Own Networks
But Also Have Installed It On Customer Networks To Manage And Monitor Those, Sometimes Without The Customers Being Aware This Was Done..

The “Backdoor” Provided An Attacker With Access To The Network Of Anyone Who Downloaded It Gathered Information About The Infected Network, Then Waits About Two Weeks Before Sending A Beacon To A Server Owned By The Hackers, Along With Information About The Infected Network
To Signal That The Infected System Is Open For Them To Surreptitiously Enter. The Hackers Would Have Used That Information To Determine Which Targets They Wanted To Burrow Into Further
Once Inside An Infected System, The Hackers Could Download More Malicious Tools And Steal Employee Credentials To Gain Access To More Critical Parts Of The Network — Collecting Information Or Altering Data Or Processes There
There Is Currently No Evidence That The Hackers Used The Backdoor In The SolarWinds Software To Gain Access Into The 15 Electric, Oil, Gas, And Manufacturing Entities That Were Infected With The Software
It May Not Be Possible To Uncover Such Activity If The Attackers Did Access Them And Burrow Further Into The Industrial Control Networks Because Critical Infrastructure Entities Generally Don’t Do Extensive Logging And Monitoring Of Their Control System Networks
Hackers Came In Through The Infected OEMs Instead, Using Those Companies’ Credentials And Privileged Access, It Could Be Even More Difficult For OEM Customers To Spot The Hackers’ Activity Since It Would Look Legitimate
“It’s So Many Different People In The Government [Attributing This To Russia], You Wouldn’t Get This Sort Of Statement If There Wasn’t Something There” Says James Lewis Former Govt Official Who Oversees Cybersecurity Programs At The Center For Strategic & International Studies
Interestingly.. In 2012, Hackers Believed To Be From China Breached An OEM Called Telvent And Stole Engineering Drawings And Accessed Files Used To Program Industrial Control Systems. Telvent Is A Division Of Schneider Electric That Is Headquartered In Spain
Its Software Is Used In Oil And Gas Pipelines Across The U.S. And Canada, As Well As Some Water Control System Networks. The Breach Raised Concerns At The Time That The Hackers Could Have Embedded Malicious Code In The Software To Infect Customer Control Systems
Conflicting Statements Arise Between Mitt Romney And Suzanne Spaulding, Former Undersecretary For The Department Of Homeland Security Who Led The Division That Oversees Critical Infrastructure Security
Rob Lee, CEO Of Dragos Is A Very Particular Individual....

• • •

Missing some Tweet in this thread? You can try to force a refresh

Keep Current with J̵̟̦̲̞̭̱̀̈́͑̄̇̈́̚͝ustice

J̵̟̦̲̞̭̱̀̈́͑̄̇̈́̚͝ustice Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!


Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @The_Justice7

22 Feb
Earlier A Small Group Of Antifa Gathered Outside Of The ICE Facility Leaving Various Object On The Property While Shouting At The Officers #Portland #PDX #Oregon

Source: twitch.tv/concretereport…
The Group Of Antifa Also Started A Dumpster Fire While Piling Up Nearby Materials #Portland #PDX #Oregon

Source: @ cozca503 - (Antifa)
Another Angle Of The Trash Burning As Antifa Faced Off With The Officers #Portland #PDX #Oregon
Read 4 tweets
21 Feb
Happening Now: Antifa Have Gathered Outside Of The Portland ICE Facility
#Portland #PDX #Oregon

Source: twitch.tv/anitanoellegre…
The Small Group Of Antifa Seem Bored Waiting To Be Pepper Balled...☕
#Portland #PDX #Oregon
The Antifa Group Continues To Throw Rocks At The Security Cameras Outside Of The ICE Facility #Portland #PDX #Oregon
Read 8 tweets
20 Feb
✈News: Upclose Footage Of Flight 328 United Engine Catching On Fire

A Family Notices The Debris Of The Airplanes Engine Dropping From The Sky
Aerial Footage Showing The Pieces Of The Plane Scattered In #Broomfield #Colorado

Read 5 tweets
20 Feb
Trumps Administration Issued A Surprise EO “Securing The United States Bulk Power System.”

JSHP’s (Jiangsu Huapeng JSHP Transformer) Cai Denies The Presence Of A Backdoor In His Company’s Equipment But Says He Believes That DOE Suspects China Of Booby-Trapping Its Power Grid Gear

Before Shipping Docked In Texas, WAPA Told JSHP To Cancel Its Plans To Transport And Install The Transformer And To Forget About Selling A Warranty On The Equipment, Which Is Mandatory For Highly Specialized, Expensive Electrical System Equipment
Read 11 tweets
20 Feb
📜☕It Appears There Is A March Happening In #Seattle
Antifa/BLM Gather In The Streets Of #Seattle #Washington

Source: twitch.tv/lcsevi
Current Size Of The Group #Seattle #Washington
Read 4 tweets
19 Feb
BREAKING: 📜It Appears Gab May Have Been Hacked And Taken Offline For Fixing The Issue

H/T: @graphiccons
Update: 📜Twitter Has Also Suspended Gab's Twitter Account

Very Strange Indeed...
Read 8 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!

Follow Us on Twitter!