The Volokh Conspiracy
Mostly law professors | Sometimes contrarian | Often libertarian | Always independent
See How Mighty We Russians Are: "Solar Winds, Probably Hacked by Russia, Serves White House, Pentagon, NASA"
We can even hack radiation from space!
The headline is from Newsweek, and, yes, it's true that the singular third-person marker on the verb ("serves") provides something of a signal. Note also that the company seems to be called SolarWinds, and using the one-word form would have helped avoid sending the reader down the garden path (though maybe it was a deliberately absurd-humor touch by the headline writer).
Seriously, though, this sounds pretty serious:
A suspected Russian hack of internal U.S. Treasury Department emails have sparked fears among domestic intelligence that other government agencies could be at risk, according to people familiar with the matter.
Three unnamed sources familiar with an investigation told the Associated Press on Sunday that Russia is believed to have been behind the cyber attacks…. The Commerce Department said that one of its agencies was targeted, and the FBI and Cybersecurity and Infrastructure Security Agency (CISA) are currently investigating the incident.
Two unnamed sources told the outlet that the hackers entered U.S. systems through updates released by SolarWinds, a software company based in Austin, Texas that also provides services to the White House, Pentagon and NASA, according to their website. Additionally, the company provides services to the country's leading telecommunications providers, as well as "more than 425 of the U.S. Fortune 500."
To get the Volokh Conspiracy Daily e-mail, please sign up here.
Editor's Note: We invite comments and request that they be civil and on-topic. We do not moderate or assume any responsibility for comments, which are owned by the readers who post them. Comments do not represent the views of Reason.com or Reason Foundation. We reserve the right to delete any comment for any reason at any time. Comments may only be edited within 5 minutes of posting. Report abuses.
Please
to post comments
I’ve always wondered about updates as a vector for viri.
It’s the cyber-security version sneaking in/out of prison in the laundry truck.
DHS got hacked as well.
This does seem pretty bad.
It looks quite bad. But Newsweek is a shitty source, I think I will hold out until some forensics has been done before I accept the rote ‘It was the Russians’ story that has been the go-to for everything the media can possibly fit it to since 2015. Quite frankly, China has excellent black hats at their disposal, and is often the source of attacks. And there are plenty of other options.
China has more motivation — and better funding.
Just sayin….
Uninvited Russian interference is worrisome. Invited Russian interference (Trump and Trump Jr.) is ok though.
I can’t believe you are harping on Russian collusion after it’s been thoroughly debunked. Wow, talk about Trump derangement syndrome. Now, tell me what you think about the Biden/China connection?
Oh! I see what you did there!
“Invited Russian interference” gets magically transformed into “collusion” with a verbal slight of hand.
Russia, if you’re listening…
“Russia, if you’re listening, …” almost certainly was a bit of snarky, throwaway BS by a naive and inexperienced candidate with so little foresight that he did not anticipate that his opponents would use it as a weapon for the rest of the campaign and, in the event he won election (which he very probably did not expect) for his entire term or terms. It’s well past time to drop it.
Where does invited Russian interference (Hillary and DNC) fall in that spread?
The best thing about progressives, compostability. But other than that, the endless repetition of disproved stories while asserting that nobody from the left is still carrying on like an ass about the 2016 election.
Three observations.
First, the vehicle apparently used, compromise of software updates, is precisely what sensible analysts worried about in connection with voting. Despite the many displays of voting machine vulnerability to hacking by those with physical access to the machines, the probability that it would be used successfully to corrupt the election outcome was and is close enough to zero to be ignored. The genuine risk was and is incorporation of malicious function into the software that runs on voting and vote tabulation equipment during production and before the producer applies a digital signature and distributes it. That appears to have been what was done to at least one SolarWinds component.
Second, that so many government agencies use both Microsoft and SolarWinds software extensively sets up a couple of potentially vulnerable and extremely valuable targets for implementing such corrupt software, well worth the efforts of a well funded foreign or domestic adversary.
Third, both public and private organizations often regard IT as peripheral and secondary to their main mission, to be starved for funds and thought poor career path choices or, worse, outsourced to the likes of SolarWinds and Booz Allen Hamilton (think Ed Snowden, here). Any organization that is dependent on IT (most of any size, now) should classify it as a first class business component, worthy of senior management to whom, in IT matters, even the head of the organization is answerable to a substantial degree. While even that can’t guarantee freedom from penetration, it can greatly reduce both the probability of adverse events and their cost when they occur.
Did you know that you don’t always need solar energy and sunlight to charge solar panels?) I didn’t know it myself, but when I was buying the panels I wondered about it and read a bunch of guides https://solarpvadvisor.com/how-to-charge-solar-lights-without-sun/ Useful stuff!
That said, there are some difficulties with the post’s historical examples. The provision of Danby’s punishment which specified that it was to survive the dissolution of parliament was reversed prior to his taking his seat in the Lords. And while Bacon’s 1621 impeachment and conviction held that “(t)hat he shall for ever be incapable of any office, place, or employment in the State or Commonwealth,” after his efforts to reform Chancery while defending its privileges against Coke and the common lawyers in Parliament, he turned his attention in his few remaining years to writing and science, later perishing of pneumonia while trying to preserve poultry-meat in the snow — the fatal event being: Bacon rapt with chicken.
sharikat tanzif majalis bialriyad