Rich Kulawiec via plug on 17 Dec 2020 06:24:41 -0800


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] OT: SolarWinds


On Wed, Dec 16, 2020 at 05:46:03PM -0500, K.S. Bhaskar via plug wrote:
> Yes, but who is the enemy?

[snip excellent questions]

I don't know.  We're at the "fog of war" stage in this incident and it's
hard to tell what's deliberate, what's accidental, who's telling the truth,
who's lying, what we know, what we don't know, etc.  My guess is that we're
not going to have an accurate/complete understanding of this for a while.
Maybe ever if some of the details are classified and remain that way.

But I'm willing to bet that the situation is worse than we know...because
it's always worse.

However, based on what we do know as of this moment: anybody still running
SolarWinds should rip it out by the roots right now and activate their
procedures for archiving/scrubbing/rebuilding compromised systems.

---rsk
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug