The drama SolarWinds just won’t stop. It is a tale of Russian hackers – and potentially Chinese hackers – alleged email spying and an open hole of security vulnerabilities that seems to get worse as more details come to light. Now, we can add another twist to the story: the ridiculously insecure password “solarwinds123”. In the latter case, SolarWinds would like you to know that it was the intern’s fault.
At a joint hearing on Friday, former SolarWinds CEO Kevin Thompson told Supervisory Committees of the Chamber and Homeland Security that the password “solarwinds123”, which protected a company server, was “related to an error made by an intern and he violated our password policies”. Thompson explained to legislators that the intern posted the password on his private GitHub account.
“As soon as it was identified and brought to the attention of my security team, they removed it,” said Thompson.
The password security problem dates back to at least 2018, although the testimony provided by SolarWinds on Friday indicates that it may be even older. In December, security researcher Vinoth Kumar told Reuters that he warned SolarWinds that anyone could access his update server using “solarwinds123.” CNN reported that the password has been accessible online since at least June 2018.
G / O Media can receive a commission
However, at the hearing, Sudhakar Ramakrishna, current CEO of SolarWinds, told lawmakers that the password “solarwinds123” was used on one of the intern’s servers in 2017.
According CNN, Kumar showed SolarWinds that the password allowed him to log in and deposit files on his server. This was a way for any hacker to send malicious programs to SolarWinds, the researcher said.
“I have a stronger password than ‘solarwinds123’ to prevent my kids from watching YouTube a lot on their iPad,” California Democrat Rep Katie Porter told SolarWinds officials at the hearing.
At this point, however, it is still uncertain whether the password leak played a role in the SolarWinds hack, noted CNN, which is believed to be the largest foreign intrusion campaign in US history. This month, White House national security adviser Anne Neuberger said that about 100 different companies and nine federal agencies, including the one that oversees the country nuclear weapons, was compromised by foreign hackers.
The government is investigating the hack, and it is it is still not clear what data hackers could access. The investigation should take several months. Kevin Mandia, CEO of FireEye, the cybersecurity company that discovered the hack, said that we may never know the extent of the attack.
“The end result: we may never know the full extent and extent of the damage, and we may never know the full extent and extent of how the stolen information is benefiting an opponent,” said Mandia.
However, we know one of the causalities of the attack: an unidentified poor intern who SolarWinds threw under the bus.