Microsoft says it found 1,000-plus developers' fingerprints on the SolarWinds attack

1. Tuesday 16th February 2021 00:09 GMT low_resolution_foxxes
  
  Re: ...And your lucky colour is puce.
  
  Allegedly Russian hackers have contracts that specifically forbid any Russian text, jokes or cultural references being used. It wouldn't surprise me if they use American English as a distraction.
  
  0 1 Reply
2. Tuesday 16th February 2021 00:13 GMT tekHedd
  
  4500 lines of code?
  
  Was thinking the same thing: On the one hand, we have a fairly small program (I have larger throwaway internal utilities) written by at most two or three developers, possibly backed by a somewhat larger deployment testing team. On the other hand, we have... the fingerprint of 1000 developers?
  
  Pull the other one, it has 200 bells on, according to our analysis.
  
  7 1 Reply
  1. Tuesday 16th February 2021 04:19 GMT yetanotheraoc
    
    Re: 4500 lines of code?
    
    The really amazing bit is Microsoft being able to fingerprint a developer from 4.5 lines of code. Maybe they asked Facebook.
    
    5 0 Reply
Monday 15th February 2021 08:38 GMT seven of five

Probably only 50 guys/gals

They're just 20 times better than Micros~1 could imagine...

Personally, I'd go with Steve Davies 3 Idea of stackoverflows copy&paste.

17 2 Reply
Monday 15th February 2021 09:04 GMT Version 1.0

2FA

Two Factor Access at work again, it's sold as "Authentication" but it's only effective when it works. It's a permanent security risk the rest of the time.

10 2 Reply
1. Monday 15th February 2021 09:59 GMT Headley_Grange
  
  Re: 2FA
  
  Yep - security works best when it's seen as security rather than a bit of a hassle.
  
  6 0 Reply
2. Monday 15th February 2021 12:46 GMT Anonymous Coward
  
  Re: 2FA
  
  > that individual had two phones registered to their name
  
  A personal + a work phone? I have four different 2FA mechanisms for the various accounts and systems my employer uses.
  
  8 0 Reply
Monday 15th February 2021 09:47 GMT gerdesj

The real takeaway

"If anyone understands the havoc 1,000 developers can create, it’s Microsoft."

Genius

46 1 Reply
1. Tuesday 16th February 2021 00:27 GMT Phil Kingston
  
  Re: The real takeaway
  
  Feel the burn
  
  1 1 Reply
2. Tuesday 16th February 2021 12:56 GMT eldakka
  
  Re: The real takeaway
  
  2nd best laugh I've had in months when I read that. (The best was when I was watching a video yesterday about flat earthers noting that the movement was fading (due to their videos in recent years having tiny viewership), and that the flat earthers had mostly moved to QAnon)
  
  1 0 Reply
  1. Tuesday 16th February 2021 19:26 GMT yetanotheraoc
    
    Re: The real takeaway
    
    I thought the flat earthers were more picky about what they choose to believe.
    
    0 0 Reply
Monday 15th February 2021 10:43 GMT iron

> Most US cyber defences look at activity beyond the nation’s borders

Well that's stupid since my router sees twice as many attacks from US than from RU and CN combined.

11 7 Reply
1. Monday 15th February 2021 22:51 GMT gratou
  
  Yes but they are good attacks.
  
  4 0 Reply
  1. Tuesday 16th February 2021 09:37 GMT teknopaul
    
    Attacks from US ip addresses are not necessarily run by an American, you may just have a lots of ip cameras turned to bots in the states.
    
    2 0 Reply
Monday 15th February 2021 11:02 GMT MOH

"Most US cyber defences look at activity beyond the nation’s borders and assume the private sector in the USA takes care of itself."

That seems .... optimistic

15 0 Reply
1. Tuesday 16th February 2021 15:42 GMT Michael Wojcik
  
  It seems implausible to me. I'd like to see a citation.
  
  0 0 Reply
Monday 15th February 2021 13:27 GMT Chris the bean counter

1,000 developers in the know ?

Seems unlikely. I expect only a dozen or so, using the work of other developers.

Definitely not a Russian hack if it was 1,000. That many would leak...I would hope.

My betting and prejudice would be China.

Love China hate Xi.

9 1 Reply
Monday 15th February 2021 15:44 GMT Anonymous Coward

Supply chain hack first?

Surely when Lockheed got spearphished by their compromised outsourced HR provider, that was supply chain attack?

Or when every MSP out there got done over to gain access to customer networks.... that's supply chain attack.

2 0 Reply
Monday 15th February 2021 17:15 GMT amanfromMars 1

No Smoking Gun ... Identifies a Phantom Enemy. There's Counselling and Medication for Paranoia

It's not everyday you meet someone who builds cyber weapons as complex as those deployed by Russian intelligence. But Jon Miller, who started off as a hacker and now runs a company called Boldend, designs and sells cutting-edge cyber weapons to U.S. intelligence agencies.

Jon Miller: I build things much more sophisticated than this. What's impressive is the scope of it. This is a watershed style attack. I would never do something like this. It creates too much damage. ..... https://www.cbsnews.com/news/solarwinds-hack-russia-cyberattack-60-minutes-2021-02-14/

There's always at least one, isn't there, blowing their own trumpet trying to excite the markets.

Hasn't Jon Miller heard the news ........ Self praise is no recommendation. And why is it Uncle Sam is always getting hacked by perps wonderfully adapted and adept at not leaving behind any provable incriminating evidence. It doesn't get much more sophisticated than that if one considers it a weapon.

11 1 Reply
1. Monday 15th February 2021 22:42 GMT very angry man
  
  Re: No Smoking Gun ... Identifies a Phantom Enemy. There's Counselling and Medication for Paranoia
  
  so happy to see you back, don't worry you'll soon have your writing back to normal.
  
  “What we are seeing is the first use of this supply chain disruption tactic against the United States,”
  
  Murkin's been doing it to EVERYone else for years, So pissed someone pulled the bully tactic on them!
  
  3 2 Reply
2. Tuesday 16th February 2021 15:00 GMT amanfromMars 1
  
  Useful IDiots 'r' Us
  
  There's always at least one, isn't there, blowing their own trumpet trying to excite the markets.
  
  And then there were two, to further compound and confound and peddle confusion in aid of chaos and conflict ‽ . ........ Former spy chief calls for military cyber attacks on ransomware hackers
  
  What could possibly go wrong ...... apart from everything of course?
  
  Heaven help us from former spy chiefs, and former anythings for that matter. There's a very good reason that they be returned to the shelf and removed from the front line.
  
  And does the Daily Telegraph pay folk to make stuff up to pump and dump as current views and valuable news, or is it the other way around with the Telegraph being paid for spreading such tales?
  
  1 0 Reply
Monday 15th February 2021 17:57 GMT mevets

Havoc

If anyone understands the havoc that 1000 programmers can create, it is MicroSoft's customers. MicroSoft has remained blithely ignorant of it for 40+ years.

5 2 Reply
This post has been deleted by its author
Tuesday 16th February 2021 05:03 GMT Anonymous Coward

<title>?</title>

...But what a shower of Anonymous Cowards commenting this very intetesting article...

AC, because: reasons

1 0 Reply
Tuesday 16th February 2021 08:34 GMT Ashto5

1000 programmers

The only place you see those numbers would be in India

Methinks they doth protest too much

It was probably a couple of guys who spotted the security hole

And now the big boys look stupid

Classic technique exaggerate the story to not look stupid, children do it all the time

2 1 Reply
Tuesday 16th February 2021 09:31 GMT Kevin McMurtrie

...assume the private sector in the USA takes care of itself

We're doomed!

0 0 Reply
Tuesday 16th February 2021 09:45 GMT Muppet Boss

Programmer joke

Q. How many programmers does it take to write 4'032 lines of code?

A. 1'008 if they are versed in Quatrains.

2 0 Reply
Tuesday 16th February 2021 12:10 GMT Tessier-Ashpool

4,032 lines of code took 1,000+ developers

That's even worse productivity than mine!

1 0 Reply