back to article US courts system fears SolarWinds snafu could have let state hackers poke about in sealed case documents

The SolarWinds hack exposed sealed US court documents – which could have a serious effect on Western sanctions against state-backed hackers. As well as the well-publicised effects on FireEye and Microsoft, the downstream impact of the SolarWinds supply chain attack also struck the American federal court system. Aside from the …

  1. Tom Paine
    Black Helicopters

    Ummm

    Could have accessed sealed cases against Russian hackers? Yeah... yeah, there's that, too. From an espionage PoV, cases relating directly to intelligence matters would be another obvious target, ditto those against "politically exposed persons", especially those towards the top of the tree. Less obviously, all sorts of other cases could be useful for an attacker, for all manner of purposes, from blackmail, to getting better knowledge of investigator TTP (and therefore how to escape detection),.. I'm sure there are plenty of other use cases.

    Whilst the "surgical strike" type attack is very rare, there's a big pressure to extract metadata ASAP to enable other analysts to ID material to exfiltrate. Trade-off between increased chance of detection if trying to exfiltrate petabytes, vs hanging around so long that they're discovered via other means (ie., the discovery of the SolarWinds trojan.) Must make for interesting discussions in whichever war rooms they have those debates.

  2. Anonymous Coward
    Anonymous Coward

    Pre-SolarWinds....just ask Ciaran Martin.........

    Quote: "Ciaran Martin, former head of Britain's National Cyber Security Centre, was cautious..."

    *

    Yup......Ciaran Martin has A LOT to be cautious about!!!!

    *

    https://www.theguardian.com/uk-news/2018/sep/21/british-spies-hacked-into-belgacom-on-ministers-orders-claims-report

    *

    So........Ciaran Martin knows exactly where the bodies are buried about EXACTLY THE SAME SORT OF STUFF done in Cheltenham!!!!!!

    *

    ....and not just the commercial secrets of Belgian chocolate!!!!!!

    *

    There are NO "good guys"......................they are all at the same game!!!!!!!!!!

    1. Yet Another Anonymous coward Silver badge

      Re: Pre-SolarWinds....just ask Ciaran Martin.........

      And how else are we to protect against a Belgian global empire of evil ?

      1. Chris G Silver badge

        Re: Pre-SolarWinds....just ask Ciaran Martin.........

        "And how else are we to protect against a Belgian global empire of evil ?"

        Er... don't buy their chocolate and hope they go bust?

        1. Yet Another Anonymous coward Silver badge

          Re: Pre-SolarWinds....just ask Ciaran Martin.........

          I for one welcome our Gin and Chocolate bearing overlords

          1. TimMaher Silver badge
            Pint

            Re: Pre-SolarWinds....just ask Ciaran Martin.........

            And the beer.

            Don’t forget the beer!

          2. Empire of the Pussycat

            Re: Pre-SolarWinds....just ask Ciaran Martin.........

            They also bear beer, vlaamse stoverij and frites, they are the best overlords.

  3. amanfromMars 1 Silver badge

    Wishful Wacky Western Thinking .... the Gift that Keeps On Giving Nothing Worth Saving?

    While nobody really expects criminal charges against SVR (Russian Foreign Intelligence Service) hackers to result in a court trial on American soil, charging individuals serves two main purposes: it ensures they can never safely travel to (or through) a country that has a US extradition treaty; and it signals to non-aligned states what Western cyber-norms are.

    Cyber-norms .... are for monkeys and donkeys performing dumb tricks in circuses? And just like the herding of cats, an abiding impracticality to realise is born in a madness and borne in the maelstroms of mayhem maladministering misinformation and malignant and malicious materiel.

    Why is it so difficult for formerly leading traditionally conventionally analogue elitist executive systems of global assets administration to realise they have no digital virtual mastery to prevent future alternatively led events? And to also realise that any and all of their attempts to forestall or pervert and subvert them are predisposed and intelligently designed to be catastrophically self-destructive?

  4. Anonymous Coward
    Anonymous Coward

    "Martin, now professor of practice in the management of public organisations"

    Sounds like that role includes a fair amount of PR, aka spin.

  5. Anonymous Coward
    Anonymous Coward

    "Don't jump to conclusions..."

    Sounds like he believes in security by obscurity :(

    Yes, of course the hackers were only on a fishing trip - because that's what I would have done, he said under his breath. A 9+ month long fishing trip - yeah, pretty likely they didn't know what they stumbled upon.

    Thanks professor, everything is OK after all. /S

  6. Sanguma Bronze badge
    Big Brother

    There's SNAFU like an AFU

    or, en otros palabros, the only difference between a SNAFU and an AFU is Situation Normal, carry on as usual ...

    I hope against hope and despair, and against beavers eating holes in my dinghy while we're sailing, that this illustrates just how dangerous excessive data storage aka "Big Data" is, particularly when it comes to personal data. Some corp has your data and they haven't been practising safe data, and one day you wake to find a dog's turd of a SNAFU in your private data, or an elephant herd's pile of turds of an AFU, an ECFU ...

  7. IGotOut Silver badge

    No problem.

    Surely sensitivity files such as these would have strong encryption on them anyway.

    Wouldn't they?

  8. Potemkine! Silver badge

    "Don't jump to conclusions just because a particular customer of SolarWinds was targeted," he told The Register. "That implies very specific consequences. Also, don't assume that just because a specific SolarWinds customer has been targeted that anything other than espionage will have occurred."

    Don't assume the opposite either.

    Assuming the worst has happen seems to me the more careful thing to do.

    1. Anonymous Coward
      Anonymous Coward

      Indeed.

      Perhaps something minor like cloud services potentially being compromised: https://www.devopsonline.co.uk/solarwinds-hack-endangering-cloud-services-api-keys/

      :/

  9. Anonymous Coward
    Anonymous Coward

    Something smells fishy

    BBC SolarWinds news this year via Google, results in one match, and that's about who the Americans are accusing.

    Really, just one hit? Nothing else? No impact assessment or analysis 4 weeks later?

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021