Microsoft unleashes 'Death Star' on SolarWinds hackers in extraordinary response to breach
https://www.geekwire.com/2020/microsoft-unleashes-death-star-solarwinds-hackers-extraordinary-response-breach/
BY CHRISTOPHER BUDD on December 16, 2020 at 3:20 pm
This week Microsoft took a series of dramatic steps against the recent SolarWinds supply chain attack. In the size, speed and scope of its actions, Microsoft has reminded the world that it can still muster firepower like no one else as a nearly-overwhelming force for good.
Through four steps over four days, Microsoft flexed the muscle of its legal team and its control of the Windows operating system to nearly obliterate the actions of some of the most sophisticated offensive hackers out there. In this case, the adversary is believed to be APT29, aka Cozy Bear, the group many believe to be associated with Russian intelligence, and best known for carrying out the 2016 hack against the Democratic National Committee (DNC).
While details are continuing to emerge, the SolarWinds supply chain attack is already the most significant attack in recent memory. According to SolarWinds, Microsoft, FireEye, and the Cybersecurity and Infrastructure Security Agency (CISA) the attackers compromised a server used to build updates for the SolarWinds Orion Platform, a product used for IT infrastructure management. The attackers used this compromised build server to insert backdoor malware into the product (called Solorigate by Microsoft or SUNBURST by FireEye).
According to SolarWinds, this malware was present as a Trojan horse in updates from March through June 2020. This means any customers who downloaded the Trojaned updates also got the malware. While not all customers who got the malware have seen it used for attacks, it has been leveraged for broader attacks against the networks of some strategically critical and sensitive organizations.
Much more at link. A big fuck you to putin! Yankee ingenuity in real time!
leftyladyfrommo
(18,868 posts)SheltieLover
(57,073 posts)leftyladyfrommo
(18,868 posts)SheltieLover
(57,073 posts)grantcart
(53,061 posts)SheltieLover
(57,073 posts)BadgerKid
(4,552 posts)plimsoll
(1,668 posts)And the source of this appears to have been mind numbingly stupid single factor authentication (password) on a source for updates.
Granted it's the kind of stupid we knew about when Bill was in charge, so great that lessons Bill might actually have learned have to be relearned.
SergeStorms
(19,199 posts)If an "internet security" company can't come up with a better password than that.........
They sound like a bunch of amateurs.
Dyedinthewoolliberal
(15,571 posts)Marthe48
(16,949 posts)Microsoft, for all of the complaints, has brought a vital technology to the world. Along with the technology comes destructive people determined to spoil using it, from something as selfish as being remembered for creating a virus, to something as nefarious as destroying a nation.
Mr. Gates retired many years ago, but Microsoft and its employees continue to fine tune their products. I appreciate Apple too, but I have always used laptops and this o.p. is about Microsoft's effort to combat this latest hack.
liberalla
(9,243 posts)exactly what was done to "nearly obliterate the actions of some of the most sophisticated offensive hackers out there." How it has damaged the hackers... It's good to get some positive news on the fall out after the hack.
SheltieLover
(57,073 posts)I hear you about the need for positive news!
Just imagine how we will feel when chumputin & coconspirators are indicted!
SergeStorms
(19,199 posts)Unless they set foot on U.S. soil nothing will ever be done legally.
SheltieLover
(57,073 posts)BadgerMom
(2,771 posts)The judicial branch can sit this one out.
SergeStorms
(19,199 posts)someone who said they'd be indicted. That will never happen in this country. Biden can retaliate as he sees fit, but they'll never go to court. That was my point.
BadgerMom
(2,771 posts)DonaldsRump
(7,715 posts)If a Russian resident under indictment in the US travels to a country that has an extradition treaty with the US, they could be arrested on arrival in that country and sent to the US.
It can be a big issue for some people, as it can really curtail where they can travel.
https://www.interpol.int/en/How-we-work/Notices/Red-Notices
reACTIONary
(5,770 posts)... retaliate.
SergeStorms
(19,199 posts)it was about being indicted. Of course we can retaliate, but they'll never be subject to U.S. legal prosecution.
Ilsa
(61,694 posts)Allies of ours, if they visit those countries. Their world is smaller now.
BSdetect
(8,998 posts)They don't have much choice given the weak response of our so called ICs
SheltieLover
(57,073 posts)But, as Nancy so aptly stated, "All roads lead to Russia with shitstain.
I'm really grateful that MS is reacting with forceful actions!
Ponietz
(2,965 posts)The text indicates that the malware attack is, now, ALMOST neutralized. The damage is done and there are zero consequences for Russian intelligence, so calling it Death Star is a non-starter. More like Clean Up on Aisle 2020.
From the article: They may still have access to compromised networks through other means: that's what incident responders are likely working on now. And there's no undoing whatever they did while the infiltration went unnoticed for months.
SheltieLover
(57,073 posts)But patriarchy is always reactive.
I can only hope that there were built-in protective measures that are classified.
This is what we get with a traitor in the WH.
Ligyron
(7,631 posts)Where appropriate of course.
The Russians need to be cyber attacked and serious damage occur to their servers and infrastructure. If they respond, hit them even harder and impose sanctions on the Putin regime. Hopefully, once up and running, the Biden/Harris Administration will have the courage to do so to the extent possible for an Executive branch.
notinkansas
(1,096 posts)What they have already done should have gotten them immediate sanctions. Sanctioned bigly.
paleotn
(17,912 posts)is closing the barn door. MS is doing that. We have to realize, these intrusions have been going on for months. We may clean up the mess they left behind, but what's really important is ascertaining what they stole. What information is now compromised.
"Finally, today, Wednesday, Dec. 16, Microsoft basically changed its phasers from stun to kill by changing Windows Defender's default action for Solorigate from Alert to Quarantine, a drastic action that could cause systems to crash but will effectively kill the malware when it finds it."
LOL @ M$FT. Still crashing after all these years.
Nitram
(22,794 posts)for a more reliable source with a report on what happened.
Ponietz
(2,965 posts)It is a horrifying scenario. Looks like they got into almost everything and there's no short-term solution. The damage is probably ongoing, and will be into the indefinite future.
https://www.washingtonpost.com/business/technology/government-warns-new-hacking-tactics-russia/2020/12/17/bba43fd8-408c-11eb-a402-fba110db3b42_story.html
Purging the intruders and restoring security to affected networks could take months, some experts say, because the hackers moved rapidly from the initial intrusions through the corrupted software patches to collect and deploy authentic system credentials, making discovery and remediation far more difficult. Closing the digital back doors initially created by the Russians will not suffice because they appear to have stolen keys to an unknown number of official doorways into federal and private corporate systems, according to investigators at FireEye, a cybersecurity firm that also was hacked.
On Monday, Microsoft and FireEye diverted the channel the Russians used to send commands to systems that download the corrupted patch, causing the malware to shut down. But that does not help those organizations whose networks the Russians have deeply penetrated.
...
The Russian hackers are known for their stealth and ability to dwell at length inside compromised networks undetected. "My biggest concern would be if you've got an advanced adversary that has been in the network for a long time," said Jack Wilmer, until August the Pentagon's chief information security officer, who has no independent knowledge of the incident. "It may be very difficult to get them out and to be assured of the fact they're no longer there."
Nitram
(22,794 posts)in complacency and leave us defenseless against a dangerous opponent.
Maven
(10,533 posts)Russia should suffer major consequences for the attack, both in the cyber realm and elsewhere, but this ain't it.
pecosbob
(7,538 posts)Kind of like cancelling a credit card after it was used for an unauthorized shopping spree.
Lonestarblue
(9,981 posts)Cyberspace is where more wars are being fought, not with behemoth battleships. We need a serious evaluation of how we spend our defense dollars because I think we might be allocating too much to building war materiel, since that keeps jobs and makes the billionaire investors in companies like Lockheed Martin, Boeing, and Raytheon very happy. In fact, I'm sure the whole federal government needs a tech update since we know Trump and Republicans have starved it of resources in an effort to destroy as much as possible.
SheltieLover
(57,073 posts)Ridiculous!
I can only hope our new admin will indict & punish all traitors to the absolute fullest extent of the law!
Ponietz
(2,965 posts)SheltieLover
(57,073 posts)Pobeka
(4,999 posts)To "crack" a password, the brute-force method means try every possible combination of letters in a word as the password, see if the system lets you in, or you successfully de-encrypt some captured "secret" information.
Since the combination of all possible letters is huge, in today's computing environment, it can take 10, 20, even 100 or 1000 years to reasonably expect to achieve success at guessing the correct password.
Quantum computers are going to be *spectacularly faster* than today's computers, even 100 million times faster.
http://quantumly.com/quantum-computer-speed.html
So with quantum computers, that 1000 year problem, becomes a 1/10th of a second problem.
SheltieLover
(57,073 posts)Ty for explaining.
Hugin
(33,135 posts)However, no amount of quantum computing is ever going to make up for the idiocy of keeping a password as "solarwinds123". A password probably printed on the outside of the box in which it was shipped. Also, going with the lowest bidder. No computer in the world can make up for that very human failing of laziness. Only wisdom can fix things like this.
Pobeka
(4,999 posts)Coincidentally, I was recently studying up on quantum computing and how a single hardware circuit can simultaneously contain multiple digital states. Pretty sweet, let me tell you!
Tommymac
(7,263 posts)IT folks are working hard at it, but Quantum Computing is not yet proven practical. Hell, we still don't know when it will be - perhaps 4 or 5 years which is an eternity in the IT world.
For now complex pass phrases of 14 characters or more, and 2 factor authentication are the Masks and hand washing of IT loss prevention. Easy to use - but most folks don't understand the need and shrug them off as an inconvenience.
Criminal that SolarWinds used such a crap password for their production rollout of the updates however - they need to be fined heavily. IT pros should know better.
Pobeka
(4,999 posts)Arne
(2,012 posts)It is still unstable.
Jon King
(1,910 posts)Unreal how these flag waving fake patriots damage America. Trumpers hate science, hate Gates, hate Fauci. They worship a guy who sold a mansion to Russians for 3 times its value then became President 6 years later and helps Russia. Bill Gates helps the world against disease and his company helps secure the world vs Russian attacks. Fauci is a hero.
It is simply amazing how much damage these Trump loving aholes have done and continue to do to the country, all while pretending to be patriots. Russia figured out long ago the best weapon against America was fooling its most gullible citizens. These Trumpers are literally doing the bidding of Putin.
SheltieLover
(57,073 posts)The stupidity is truly mind boggling!
At least we will have a competent admin for the next 4 years!
And I most certainly hope our new DOJ will indict, convict the guilty & punish to the fullest extent of the laws! Every. Single. One. Of. Them!
Klaralven
(7,510 posts)While the Solorigate was active, the hackers had plenty of time and opportunity to plant a variety of persistent threats in the victim's networks.
So just eliminating the Solorigate malware and disabling the command server doesn't secure the networks.
SheltieLover
(57,073 posts)But I'm sure there are measures being taken that are not being publicly discussed.
plimsoll
(1,668 posts)The only safe response would be to go back to the last known good OS and infrastructure software builds. But that won't happen.
This will remain an ongoing advanced persistent threat to ALL enterprises and Governments. For a long time to come.
We're talking about the Russians on this, but honestly, why would a company with such negligent disregard for what is basic security be allowed to continue in operation? And what will prevent their security people from being employed in this field in the future? We'll treat it as if nothing could have been done. That's just not true, but hey, "Mistakes were made."
infullview
(981 posts)If the operating system wasn't put together out of bits and pieces, it wouldn't have been vulnerable to this kind of attack in the first place. Real operating systems such as Unix are monolithic and cannot be infected like this. A little history about why Microsoft sucks: In the days when memory was expensive and small, Microsoft used bits of code called DLL's (download link and load) to allow big programs to run in limited memory space. As time went on computers were able to address more memory (went from 8 bit to 64 bit) and memory got cheap and plentiful. Instead of abandoning DLL's, Microsoft just loaded them sequentially in memory (yuck!). This allowed hackers to substitute or add operating system DLL's to infect the computer on startup.
SheltieLover
(57,073 posts)What they are doing with 10 is beyond ridiculous!
I'm not an IT pro, so I was unaware of what you have shared. Doesn't surprise me at all, tbh. Ty for sharing!
It's always about greed.
But I'm glad someone is taking action. Gawd knows we cannot depend upon shitstain to look after our country's best interests!
Nimble_Idea
(1,803 posts)infullview
(981 posts)KatyMan
(4,190 posts)infullview
(981 posts)You're more than welcome to do the research yourself. I've been in IT since 1980. I worked in the mini computer industry and lived through the rise of Microsoft which displaced so many other excellent computer systems. Microsoft should have abandoned the DLL when the hardware supported larger memory. They didn't do this because it would have forced their users to buy a new operating system and software. It was purely a marketing decision that has caused them no end of pain ever since. BTW Mac did it right. They've always had a monolithic OS - the only thing you can infect on a Mac or a Unix machine is an application like a browser. All you have to do to fix it is remove it and reinstall with a clean install.
One more thing... insurance companies charge a premium to companies that use Microsoft servers due to their inherent risk.
USALiberal
(10,877 posts)jmowreader
(50,557 posts)You can't format the startup volume on a Mac, and - as far as I know - you can still do it on a Windows box. Worse, you at least could do it with a Word macro. If I, for some reason, actually want to wipe a Mac startup volume, I have to start the machine from a different drive.
A long time ago I set up a Windows machine for graphic arts; we were getting a lot of files created on Windows machines and, before OpenType shipped, the fonts were different. (How long ago this was: those files were made in PageMaker.) When we specced out the box, I told my salesman I want x RAM, y disk, and an office suite not made by Microsoft. He looked at me like I was fucking nuts, but I explained about malicious Office macros and he then understood. The machine came in with WordPerfect Office. I also asked him to bring me Ethernet cables that were all different colors, and this he wouldn't do. Then I had to expand the network to other machines in the building, and then I used different colors for every node. The guy came in a few months after I did, and I showed him the logic: if the receptionist's computer is on a channel on the switch that goes dead and you know her cable is green, all you need do is move the green cable to a different jack and you're done. Simple and efficient. He never sold another system with all-white cables again.
BobTheSubgenius
(11,563 posts)JudyM
(29,233 posts)KatyMan
(4,190 posts)thanks for your reply.
Been in the biz since 1995 or so, mainly in MS shops but now in a more mixed environment. I'm not on the server side anymore, so don't have to deal with those issues! Just have to make sure my app plays nice on the server, which for me are a mix of Linux and MS. Of course, depending on the size of the company one works for, no matter what your opinion of MS or Unix or Mac might be, you have to use what corp says to!
CloudWatcher
(1,847 posts)Ah, not so fast. Unix and the macOS has advantages, but it has its share of vulnerabilities too. The biggest one is the user being willing to click to install almost anything that looks reasonable. Bogus driver updates, trojan horses, malware disguised as games or utilities, "free" versions of copyrighted software. MacOS Kernel extensions ( "kexts" ) are a great target. And even apps in the "trusted" Apple Mac Store (and iOS store) are occasionally infected.
Humor: I was the first one to call the FBI when the Morris worm hit our BSD Unix system in 1988. The next day my team got a few minutes of fame by being on the forefront of decoding exactly how it worked. A little background info ... https://en.wikipedia.org/wiki/Morris_worm
infullview
(981 posts)the user that something *is* being installed. Again, the operating system does NOT use shared object (.so) libraries so these can only infect applications. On Linux, a kernel extension has to be compiled into the OS on a restart and is limited to things like 3rd party video drivers. So yes, it is possible to hack one of these systems, but it is much harder to hijack the operating system. A hacked Linux OS is much easier to fix as well. Bottom line: a Unix/Linux server isn't going to encounter the level of user interaction you're describing to make it vulnerable. Kernel updates are always done from a trusted source and usually don't use daemons to push updates quite like Windoze does so - much safer.
Arne
(2,012 posts)hacks go way deeper than Microsoft.
You remember we started it with Stuxnet.
USALiberal
(10,877 posts)USALiberal
(10,877 posts)LeftInTX
(25,287 posts)Not techy myself, but .dll is file extension. When they work all is fine, but they will sometimes point to deleted or moved files or places in the registry that have been changed. They can cause programs to freeze or crash....they can be buggy...They aren't as much of a problem as they used to be....Never drag a dll file into the recycle bin..LOL (By default they are now hidden in Windows Explorer)
This was a big problem in Windows 95 and 98, but by Windows XP, DLL Hell seemed to be going away.
Malware may often consist of only a DLL file as opposed to an EXE file, which makes them harder to locate and remove...
https://en.wikipedia.org/wiki/Dynamic-link_library
Demsrule86
(68,556 posts)Nitram
(22,794 posts)HuskyOffset
(888 posts)MyNameGoesHere
(7,638 posts)Aussie105
(5,383 posts)If you are going to attack MS, at least get the terminology right.
The article is deceptive though, all the actions on MS's part have been defensive. A Death Star is not a defensive weapon.
SheltieLover
(57,073 posts)Sounds like a horrible system!
infullview
(981 posts)infullview
(981 posts)SheltieLover
(57,073 posts)MS sucks, but I am glad they are doing something to counteract this!
Klaralven
(7,510 posts)Roc2020
(1,615 posts)the internet/cyberspace/virtual between countries. Nice to see a news report that the U.S is fighting back.
SheltieLover
(57,073 posts)We all know chumputin will do nothing to stop the destruction of our country for putin!
paleotn
(17,912 posts)And we're not without our own offensive capabilities. New sheriff in town on Jan. 20. Payback will be hell.
If anyone thought the Cold War ended with the fall of the USSR, they are sorely mistaken. Russian nationalists and KGB types kept that fire alive and now we're back to 1968 in that regard. They were and are the sworn enemy of western democracy. How those in my age group can throw off decades of conditioning and think the Russians are our friends because a spray tan con man says so is beyond me.
To paraphrase James T. Kirk, I've never trusted Russians and I never will.
SheltieLover
(57,073 posts)I can't wait for our "new sheriff" to deal with Putin & our new DOJ to indict & punish puppets in this country!
TomVilmer
(1,832 posts)That is not the words I would ever use to describe them. MS is a bunch of evil MFs.
SheltieLover
(57,073 posts)But I'm glad they are countering this hack, even if (typical of patriarchy!) reactively, rather than proactively!
LudwigPastorius
(9,137 posts)Meanwhile, Russia is probably implementing the next big hack.
So, was SolarWinds the lowest bidder on the government contract, or somebody's brother-in-law's company, or the company of some mega donor?
SheltieLover
(57,073 posts)I only know they are out of RX & read that their system password was company name followed by 123.
Someone's head(s) needs to roll over this!
cayugafalls
(5,640 posts)They may still have access to compromised networks through other means: that's what incident responders are likely working on now. And there's no undoing whatever they did while the infiltration went unnoticed for months.
We did not WIN this battle. We fucking lost because WE HAD A TRAITOR IN POWER.
Never fucking forget. Trump needs to rot in prison.
SheltieLover
(57,073 posts)It just feels good to know someone is doing something after 4 years of traitor in WH!
cayugafalls
(5,640 posts)We have the tools and the know how, hell, I am just a lowly ex-IT guy and I know we can do WAY more to win this war.
We just need to throw SERIOUS dollars at the effort and hire the best hacker minds out there.
One of the simplest ways to stop this is to build a national firewall system. I know it sounds a lot like Trump's wall, but this is different, we really are being ATTACKED across the Internet border.
Hugs to you too, hope you are doing well, my friend. Stay well, SheltieLover!
Hugin
(33,135 posts)Nine months or more of sifting through all of the data they could ever wish for at will can be boring. They had probably moved on to other things.
What we need right now to feel safe is a Star Wars reference and a puff-piece on Microsoft.
Note to SheltieLover: This is not directed at you. I find your wild eyed optimism refreshing. Please, keep doing you.
rickford66
(5,523 posts)and several people were working on the same load, each of us checked for diffs after each build.
Azathoth
(4,608 posts)1) Revoking digital certificates is done every day. Its effectiveness depends on whether every client machine is configured properly to always check for revoked certificates. Doesn't do anything to repair already-compromised systems.
2) Two and four are Microsoft bragging that it added a virus definition to its antivirus software. *slow clap*
3) Sinkholing the domain is the only thing here that could be considered a "death star" move. It's an important mitigation step, but depending on how the trojan is designed, it's far less effective than the article implies. Sophisticated attackers would not design a worm that can only be accessed through a single domain. What likely happens is the trojan infects a system, then sends a message to the domain notifying the hackers that a new system has been compromised. The hackers store the info and can connect directly to the backdoor at a later time. So taking down the domain does nothing for the systems that are already infected and have already used the domain to notify the hackers. It also doesn't stop new infections from happening. It merely prevents the hackers from learning of newly infected machines.
Not trying to be a downer, but this isn't a benevolent sovereign using his awesome power to make everything right.
A cogent statement of a sad reality.
Demsrule86
(68,556 posts)we're dealing with the Russian KGB...Cozy Bear.
SheltieLover
(57,073 posts)🤞🤞🤞
SheltieLover
(57,073 posts)As said in previous posts, I'm not an IT pro, so I have little understanding of what they claim to be doing.
And I am not a fan of MS. I just thought it would be nice to share with the community an article I thought was some good news.
We are quite obviously long past due for justice!
CloudWatcher
(1,847 posts)The malware could have lots of different domains and just try the next one in the list if the first one doesn't work. Or even just have a list of IP addresses and bypass domain name lookups entirely.
Revoking the compromised signing key and tying up their domain name is standard-procedure, not anything close to something I'd call a "Death Star" response.
Kudos to Microsoft for adding signing requirements to apps. But that's something that Microsoft and Apple have been doing for a long time. Not exactly a new weapon rolled out in response to this attack. And the article doesn't describe anything more than trying to dismantle their attack .... i.e. nothing going back to infect (or even reveal) the attackers. I'm hoping there's a lot more going on than what's public.
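Added example, not from the article or from any poster in this thread: a triage pass over constructed DNS and flow logs that illustrates the point Azathoth and CloudWatcher make above, that sinkholing separates hosts whose check-in reached the attackers from hosts that only ever reached the sinkhole, and that direct-IP traffic never shows up in DNS at all. The domain, addresses, host names and log formats are placeholders assumed for the illustration.

```python
from collections import defaultdict

# Placeholders only: the thread names neither the domain nor any address.
C2_DOMAIN = "c2.example.invalid"   # stands in for the sinkholed domain
SINKHOLE_IP = "192.0.2.53"         # stands in for the sinkhole's address

# Constructed resolver log: timestamp, client, queried name, answer.
DNS_LOG = """
2020-11-02T08:15:00Z host-a x1.c2.example.invalid 198.51.100.7
2020-12-15T09:00:00Z host-a x1.c2.example.invalid 192.0.2.53
2020-12-15T10:30:00Z host-b X9.C2.Example.Invalid. 192.0.2.53
2020-12-15T11:00:00Z host-c www.example.org 203.0.113.10
"""

# Constructed flow log: timestamp, client, destination IP, destination port.
FLOW_LOG = """
2020-12-16T02:00:00Z host-a 198.51.100.7 443
2020-12-16T03:00:00Z host-d 198.51.100.7 443
2020-12-16T04:00:00Z host-c 203.0.113.10 443
"""


def _rows(text, width):
    """Yield whitespace-split records that have exactly `width` fields."""
    for line in text.splitlines():
        parts = line.split()
        if len(parts) == width:
            yield parts


def is_c2_name(qname):
    """Match the domain or any subdomain, ignoring case and a trailing dot."""
    name = qname.lower().rstrip(".")
    return name == C2_DOMAIN or name.endswith("." + C2_DOMAIN)


def triage(dns_text, flow_text):
    """Classify hosts by whether their check-in could have reached the attacker."""
    real_answers = defaultdict(list)   # host -> times the name resolved to a non-sinkhole IP
    sink_answers = defaultdict(list)   # host -> times the name resolved to the sinkhole
    attacker_ips = set()               # addresses the name pointed at before sinkholing

    for ts, host, qname, answer in _rows(dns_text, 4):
        if not is_c2_name(qname):
            continue
        if answer == SINKHOLE_IP:
            sink_answers[host].append(ts)
        else:
            real_answers[host].append(ts)
            attacker_ips.add(answer)

    # Connections straight to those addresses need no DNS lookup, so the
    # sinkhole never sees them; only flow data does.
    direct = defaultdict(set)
    for ts, host, dst, port in _rows(flow_text, 4):
        if dst in attacker_ips:
            direct[host].add(dst)

    report = {}
    for host in sorted(set(real_answers) | set(sink_answers) | set(direct)):
        exposed = host in real_answers or host in direct
        report[host] = {
            # "attacker-reachable": assume the operators know this host and may
            # hold other access; removing the implant is not enough.
            # "sinkhole-only": implant present, but this channel never delivered.
            "status": "attacker-reachable" if exposed else "sinkhole-only",
            "first_real_answer": min(real_answers.get(host, []), default=None),
            "direct_ip_contacts": sorted(direct.get(host, ())),
            "queried_domain": host in real_answers or host in sink_answers,
        }
    return report


if __name__ == "__main__":
    for host, info in triage(DNS_LOG, FLOW_LOG).items():
        print(host, info)
```

A "sinkhole-only" host still carries the implant and still needs cleaning; the label only says this one channel never reached its operators.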
Nitram
(22,794 posts)Or maybe I don't know better. Vastly overstated and hyped.
Demsrule86
(68,556 posts)SheltieLover
(57,073 posts)According to the IT pros' posts above, it isn't much, but it is something.
Considering chumputin is saying / doing nothing, I think it is a good sign!
Demsrule86
(68,556 posts)SheltieLover
(57,073 posts)And yw!
ItsjustMe
(11,230 posts)No IT pros posted above.
Hotler
(11,420 posts)Good to know someone is taking action to protect our national interests, since the Russian asset in the WH won't.
Hekate
(90,667 posts)klook
(12,154 posts)SolarWinds exposed their FTP server credentials in a public Github repo, which was identified by cybersecurity expert Vinoth Kumar who reported it to SolarWinds in 2019. Did some poor security practices lead to the US Government breach?
- SaveBreach.com
Good information at https://savebreach.com/solarwinds-credentials-exposure-led-to-us-government-fireye-breach/
Updated info in this Twitter thread says the credentials were exposed as far back as June 2018:
https://threadreaderapp.com/thread/1338929932647477257.html
SheltieLover
(57,073 posts)Last edited Thu Dec 17, 2020, 04:21 PM
How much did putin pay for this?
This company needs to be prosecuted & barred from future govt work.
klook
(12,154 posts)That's like leaving the keys to Fort Knox hanging on the doorknob.
This company should be held liable & owners / decision makers punished to the fullest extent of the law & banned from govt. contracts. Perhaps Russian assets? I had never heard of the company but it is hard to imagine high level IT folks being this stupid about security.
A 5 year old would know better!
superpatriotman
(6,247 posts)And how much is that exactly????
0rganism
(23,944 posts)that piece reads like a damn press release from Microsoft
0rganism
(23,944 posts)going after the cracker domain helps short term, but crackers will simply create more
updating "Windows Defender" is an expected minimal beginning of a response
the sad truth: every one of those compromised systems is suspect, many will need to be scrapped and replaced, entire networks must be rebuilt ground-up. impacted agencies and companies will face delays and incur significant expenses replacing hosts and verifying security. those that cut costs put anyone engaging them with online transactions at risk of malware infection and identity theft.
the OP article reads like a puff piece for Microsoft.
cstanleytech
(26,289 posts)Captain Zero
(6,805 posts)Next.
seta1950
(932 posts)OMGWTF
(3,955 posts)I was sitting at the receptionist desk when he came in to meet with one of the business lawyers in his dad's law firm. Later that day, I asked Mr. Gates' secretary, "Who was that geeky guy that came in earlier?" She replied, "That's Mr. Gates' son and he is making a company that makes the brains for computers. And you know how smart computers are!" I am so proud of this wonderful family.
ecstatic
(32,699 posts)to oversee cyber security? Is it because it's too risky?
Baitball Blogger
(46,703 posts)And I just received it a few minutes ago.
Are they forcing patches on our laptops?
ecstatic
(32,699 posts)Although I think they caught me last week.
Fla Dem
(23,656 posts)Maybe it was and I missed it. But watched NBC and CBS evening news, as well as msnbc and only heard what a disaster it was. Not even any mention of Microsoft, just SolarWinds.
Nitram
(22,794 posts)least.
Fla Dem
(23,656 posts)I just googled Microsoft Death star and the only references that come up are the Geekwire, reddit, crooks and liars which just references Geekwire's article. See nothing at all from mainstream media. No interviews I've seen with Democratic congressmen/senators have mentioned it when talking about the hack.
I hope it's true, but can find no evidence that it is. Please provide a link to the articles in the "Post" you have seen.
Many thanks.
Nitram
(22,794 posts)anything other than a hyped-up PR stunt for Microsoft. Check this link for solid information and facts:
https://www.washingtonpost.com/business/technology/government-warns-new-hacking-tactics-russia/2020/12/17/bba43fd8-408c-11eb-a402-fba110db3b42_story.html
Fla Dem
(23,656 posts)and the geek wire article overstated the significance of the action Microsoft initiated.
From the W/P
What was accomplished possibly was terminating any further hacking, not restoring any compromised systems.
That's a lot different than what geek wire reported or intimated.
That made it sound like M/S reversed the actions of the hackers and restored the hacked systems.
All I was trying to do was verify if the situation deserved the enthusiasm displayed by the poster. It appears it does not.