Daily Stuntz — Support Government cyber and IT folks today (really most days but especially today)

Going to keep this one short as there as lots of facts still to come and anything I say now will look wrong/dumb/useless in probably a few hours. In my previous life I worked at OMB for the Federal CIO and Federal CISO and this included during the OPM response so I am sure teams from across the government are hustling, there are stupid turf wars, people are not communicating all that well, but everyone is trying to address a really hard problem and we should help them however we can. This does not mean claim that our products would have solved this (but if you are just doing your job today and arent dealing with this giant shit show, then buy Virtru), and does not mean beating up on agencies or government as being very behind and lazy or any other nonsense. This stuff is hard and today is not the day to figure out all the mistakes, outline corrections, walk away and not help make it happen.

For those who are waking up unaware, below are some links that will get you caught up to speed and good luck to my friends and people I dont know who are dealing with this today.

Reutuers breaking news: https://www.reuters.com/article/us-usa-cyber-amazon-com-exclsuive/exclusive-u-s-treasury-breached-by-hackers-backed-by-foreign-government-sources-idUSKBN28N0PG

Washington Post attribution to Russia: https://www.washingtonpost.com/national-security/russian-government-spies-are-behind-a-broad-hacking-campaign-that-has-breached-us-agencies-and-a-top-cyber-firm/2020/12/13/d5a53b88-3d7d-11eb-9453-fc36ba051781_story.html

FireEye Blog on Solarwinds: https://www.fireeye.com/blog/threat-research/2020/12/evasive-attacker-leverages-solarwinds-supply-chain-compromises-with-sunburst-backdoor.html

CISA Emergency Directive last night: https://cyber.dhs.gov/ed/21-01/