The cyberattack on U.S. government systems via compromised SolarWinds software became possible due to neglecting vulnerabilities. This was stated by Nikolai Murashov, deputy director of the National Coordination Center for Computer Incidents (NCCCI), created by order of the FSB leadership.
According to him, the attackers could have gained access to the company’s software as early as 2017. Then SolarWinds employee Ian Thornton-Trump warned of cybersecurity shortcomings, but he was not heard, Murashov asserts.
“Even then, the credentials to access SolarWinds’ remote-management software were available on the dark web.”
The NCCCI deputy director says SolarWinds had a primitive password for accessing the update server.
“The recommendation to disable antivirus software when installing updates for its software also looks strange,” he added.
Earlier in 2020, a major cyberattack on U.S. government agencies through SolarWinds software affected the State Department, the Department of the Treasury, the Department of Commerce and the Department of Energy, and, to some extent, the Pentagon.
In mid-April, in response to the cyberattack, the U.S. authorities added a number of cryptocurrency addresses to the sanctions list, linked to individuals and organizations that allegedly helped Russian intelligence services meddle in the U.S. elections and spread disinformation.
Subscribe to ForkLog news on Telegram: ForkLog Feed — full news feed, ForkLog — the most important news, infographics and opinions.