Last Friday, at a joint hearing of the oversight and homeland security committees of the US Congress, the causes of one of the most serious security breaches in the country’s history were examined. The hacking of SolarWinds servers affected about 100 US companies and 9 federal agencies.
As one of the versions of the successful penetration of hackers, the leaked password “solarwinds123”, which was used by company employees to access the system, is considered. It was discovered in 2019 in the public domain on the Internet by independent security researcher Vinoth Kumar, who warned the company about the existing danger of hacking the SolarWinds server due to a leak.
Former SolarWinds CEO Kevin Thompson said the password problem was “A mistake the trainee made”… He noted that the security service immediately corrected the problem as soon as it became known. In fact, an unnamed intern twice violated basic security rules: he not only used a primitive password, but also “guessed” to put it in his repository on GitHub.
In turn, the current CEO of SolarWinds, Sudhakar Ramakrishna, said that the trainee used this password for access back in 2017. Neither Thompson nor Ramakrishna explained to lawmakers why the company allows such simple passwords at all. “I have a more secure password than solarwinds123 so that my kids don’t watch too many YouTube videos on their iPads.” – said the member of the US House of Representatives Katie Porter (Katie Porter).
Vinot Kumar previously told CNN that before the company fixed the problem in November 2019, the password had been available online since at least June 2018. This allowed him to log in and successfully place the files on a SolarWinds FTP server from which clients downloaded software updates. Kumar then warned the company that using this tactic, any hacker would be able to upload malware to SolarWinds.
If you notice an error, select it with the mouse and press CTRL + ENTER.