The Department of Homeland Security (DHS) recently asked federal agencies to disconnect their SolarWinds server systems, since they might have been hacked. Dominion voting machines also use SolarWinds software.
The CEO of Dominion tried to disassociate his company from SolarWinds. “We don’t use the SolarWinds Orion package that was the subject of the DHS report from the 13th,” CEO John Poulos told legislators in Michigan.
However, The Epoch Times took a screenshot of a Dominion web page that showed that the company does indeed use SolarWinds technology. Dominion then modified its web page and removed all references to SolarWinds.
It is being reported that a “highly sophisticated” adversary breached SolarWinds’ supply chain and placed malicious code inside the company’s Orion platform. The backdoor was placed in a file that carried a valid SolarWinds digital signature dated March 24. The backdoor could bypass operating system security protocols without triggering any alarms.
When the backdoor is installed, it hibernates for two weeks. Once the two weeks have passed, the malicious code begins its operations. Cybersecurity company FireEye discovered the backdoor.
Russian hackers are believed to have been monitoring the internal emails of the U.S. Commerce and Treasury Departments. The breach prompted a National Security Council meeting at the White House. The hackers allegedly broke into the network by tampering with updates from SolarWinds. The company’s platform is widely used across the military, executive branch, and the intelligence services. DHS’ Cybersecurity & Infrastructure Agency (CISA) issued a warning to mitigate the threat.
“The compromise of SolarWinds’s Orion network management products poses unacceptable risks to the security of federal networks… Tonight’s directive is intended to mitigate potential compromises within federal civilian networks, and we urge all our partners—in the public and private sectors—to assess their exposure to this compromise and to secure their networks against any exploitation,” the agency’s acting director Brandon Wales said in a statement.
Dominion uses SolarWinds, and third parties may have targeted it through the backdoor security flaw
SolarWinds publicly announced the threat and estimated that up to 18,000 customers are vulnerable to the breach. SolarWinds software has many tools that allow its accounts and services to receive elevated permissions on the equipment on which they are installed. For instance, its scripting tool can be used to build scripts that are capable of uploading and downloading information to and from thousands of systems all across the country in mere seconds. Hackers who gain access to a company’s SolarWinds management server can easily break into numerous voting machines.
Dominion CEO John Poulos admitted during a Senate committee hearing in Michigan that some voting machines can connect to the internet. Interestingly, Dominion’s website claims that its servers are designed to not be connected to the internet. An audit of voting machines from Antrim County found that Dominion’s ImageCast Precinct machines are capable of connecting to the internet. The audit also found that Dominion machines are designed to manipulate the votes.