Brad Smith, the Microsoft president, said its researchers believed “at least 1,000 very skilled, very capable engineers” worked on the SolarWinds hack. “This is the largest and most sophisticated sort of operation that we have seen,” Smith told senators.
It might have taken the actual hackers two men and a dog.
123P@ss
Rather reminds me of the old “IBM definition of a man-year” – 730 blokes trying to get something finished before lunchtime.. 🙂
Even big tech would have trouble keeping that many hackers on the job a secret.
So he must be referring to China Joe’s favourite people Xi and his gang. Oh wait…its RUSSIA!!!
Of course it is. Look how they fixed the 2016 and 2020 elections to ensure Trump won……
If they have all those software goons they don’t make good use of them do they? 1000 people’s wages for a dangerous prank? It shows what someone can do but is peanuts compared to a real conflict. All the major powers can destroy each other several times over. Proving they can fuck up software does what good in real terms? Any military stuff should be far better protected and nukes hopefully wont be fired by software that could be got at –or even by software at all.
Given that one autistic guy in in the UK broke into the Pentagon (I think)looking for UFO info then the Tech vapouring to the Senate should be taken with a Lot’s wife sized pinch of salt.
Yep, since they make a point of naming Russia that pretty much settles it that it ain’t. I’d pick China as my #1 guess, followed by an inside job by the NSA/CIA/Whoever as #2.
And it might have taken MS that much effort, but as Tim notes, the team of real engineers unconstrained by a frustratingly stupid corporate culture might well have been very much smaller.
And Crowdstrike, discount anythything that bunch of political hacks asserts, except for one thing they are right about AD is possibly the worst directory out there and there are far more secure and efficient alternatives, eDirectory for one.
It would’ve taken an infinite number of MS Pajeets, sitting at an infinite number of workstations, an infinite amount of time while wobbling their heads infinitively.
Otoh some of the most sophisticated cyber security schemes on the planet (PlayStation consoles) got hacked by a handful of dedicated autists.
“It might have taken the actual hackers two men and a dog.”
Providing it was a border collie.
Microsoft are just giving the answer the politicians want to hear. 1000 people means it’s Russia. And I’m not saying it isn’t Russia, but reading the Wikipedia details, 1000 sounds like an exaggeration. I’d say that less than 20 people could organise that.
Someone had to figure out the Office 365 credentials at Solar Winds, and that pretty much gave them the keys to everything. It’s a cute attack, interfering with the build system, especially leaving the attack dormant for 2 weeks, because no-one testing the build would notice. It’s why lots of businesses fence off certain parts from single sign-on.