RE: SolarWinds Russian Hack - is it reasonable to believe it is real?
December 21, 2020 at 10:29 am
(December 20, 2020 at 3:59 pm) FlatAssembler Wrote: As most of you probably know, American media is reporting about some Russian hackers having hacked the SolarWinds servers and inserted spyware in some of SolarWinds' most popular programs, and no antivirus program detected that spyware for almost a year. Do you think it is true?
As a third-year computer science student, such a story sounds rather implausible to me. I mean, those supposed Russian hackers would need to be more skilled than programmers in Microsoft, Google, Motorola or Mozilla.
To Microsoft, it has occurred a few times that their innocent programs get misdetected as malware. In April 2010, McAfee misdetected SVCHOST from Windows XP SP3 as malware, leaving perhaps around a hundred thousand machines unable to boot. In December 2010, AVG misdetected CSRSS from 64-bit Windows 7 as malware, also leaving many machines unable to boot. And there have been a few other such cases, though not as devastating. To Google, it has occurred a few times that BoringSSL (part of Chrome that ciphers HTTPS traffic) gets misdetected as ransomware, leaving a large part of the Internet ciphered using flawed algorithms. To Motorola, it has occurred that their Bluetooth drivers get misdetected as malware. To Mozilla, it has occurred many times that SpiderMonkey (the JavaScript engine of the Firefox browser, using some advanced JIT-compilation techniques) gets misdetected as a virus (because AVs think it is self-replicating code).
So, if the programmers working at Microsoft, Google, Motorola and Mozilla have trouble making innocent programs that do not get detected by some antivirus software as malware, is it not kind of absurd to claim there are Russian hackers who can make actual malware that does that? It is obviously incredibly hard to make a good JavaScript engine that won't be detected as malware by some AV (since not even Mozilla can do it), so it must be significantly harder to make actual malware that won't be detected as malware by any AV, right?
This is a joke, right? Surely you don't really believe that malicious hackers don't have the skills to penetrate major US corporations and insert harmful software. I can personally attest to at least half a dozen such events that caused serious harm to companies that I've worked for. Iran's nuclear program was hacked about a decade ago and the damage set them back years. And the hackers have only gotten better. So yeah, hacking is as real as it gets.
Now, as to where the attacks are coming from, Russia is certainly a valid threat. Russia has plenty to gain from disrupting US corporations. Open war is not an option in the current world order, but make no mistake, we are at war with both Russia and China. Corporate war is the battlefield now and both China and Russia are the aggressors and for the most part they are kicking our ass. We've mostly just played defense so far. Trump's idiotic trade war was his idea of retaliation, but that's done more harm to the US than to China.
Why is it so?
~Julius Sumner Miller