"Did a Weak Password Result in SolarWinds Hack?"
The investigation of the SolarWinds Orion software supply chain hacking attack continues. The attack on SolarWinds' Orion IT management platform impacted government agencies, critical infrastructure, and private-sector organizations. SolarWinds' top management is now blaming an intern for the use of a significantly weak password, which is believed to be the root cause of the SolarWinds hack. It has been suggested that the password was publicly accessible via a GitHub repository since June 2018, prior to it being addressed in November 2019 after a security researcher reported it. Sudhakar Ramakrishna, the CEO of SolarWinds, confirmed that the password, "solarwinds123," had been in use as early as 2017. This article continues to discuss the use of a weak password believed to be the main cause of the SolarWinds supply chain attack and other recent findings surrounding the hack in relation to its impact and the state-sponsored group behind its execution.
CISO MAG reports "Did a Weak Password Result in SolarWinds Hack?"