By Joe Hoft
We reported yesterday that late Sunday night the Cybersecurity and Infrastructure Security Agency (CISA) issued a rare Emergency Directive 21-01, in response to a KNOWN COMPROMISE involving SolarWinds Orion products.
It turns out that Dominion was trying to hide the fact that they were connected with Solar Winds:
One reader shared with us some thoughts about Solar Winds technology:
I work in IT and I am now left wondering if Solar Winds was used as a backdoor “jump host” to get into Dominion machines. If the machines each had a unique hostname and they were being connected to a central network it is a rational way to explain it. A “jumphost” is a server (which is very bad security practice, by the way) that contains all the hosts on a network with their hostnames and ip addresses so you can just “jump” to them or remote to them. If they did indeed put a backdoor in Solar Winds and connected these to a network, this is how they would do it: Solar Winds might be hacked to be a jumphost. I cannot say this is true for sure, but it is worth digging into. A “jumphost” is bad because it puts all your hosts and devices into one basket and if a hacker gets in there, you can only imagine what a nightmare they can create.
"Destroying the New World Order"
THANK YOU FOR SUPPORTING THE SITE!
© 2024 Created by truth. Powered by
You need to be a member of 12160 Social Network to add comments!
Join 12160 Social Network