I'm starting to think it would just be easier to pay these guys a few million dollars to leave Russia and come work for us:
Microsoft said Thursday that suspected Russian hackers who targeted federal agencies and U.S. companies accessed more of its systems than previously believed.
The company revealed that the hackers managed to look at Microsoft source code through an employee account, although they were unable to access emails or Microsoft products and services. "Our investigation into our own environment has found no evidence of access to production services or customer data," Microsoft said in a blog post. "The investigation, which is ongoing, has also found no indications that our systems were used to attack others."
The cyberattack began as far back as October 2019, when the hackers breached systems at SolarWinds, a technology monitoring company used by government agencies and most Fortune 500 companies.
Solar Winds protected themselves by making their password Solarwinds123 so I'm not sure what remedy our government has against the incompetence and stupidity of all the companies that they've been forced to depend on for the last twenty years. The U.S. government has been outsourcing IT responsibilities to companies that have consistently let us all down because of an inability to understand the threat posed by Russia and other state-backed actors who have been running consistently ahead of us for a long time.
You'll never get the truth out of these people. If they admitted how bad something like this was, there'd be no way they'd ever get another lucrative contract. From anyone.
They have let us down because the focus is on letting any clown with a half-assed plan to make easy money run government IT programs as the low bidder on contracts that really should have gone to professionals with a real track record for delivering results. You can't award your entire agency's IT configuration to the sub-contractor who came in a few grand under the other guys. The whole structure of awarding government contracts being completely fucked has not left us in a great place. There are far too many people working government IT who have demonstrated that they have no idea what they're doing. Why do we keep making the same mistakes over and over again? They can't secure networks, they can't secure data, and they can't figure out how the Russians are able to exploit vendors and source code.
We should just start hiring these Russians and giving them a great life in Silicon Valley. Buy them houses, cars, and give them a great life. The alternative is to keep watching them tear up the government's rickety networks again and again.