Microsoft said Thursday that dozens of its customers, including companies in Israel and the United Arab Emirates, were targeted as part of the massive cyber attack on U.S. government institutions discovered last week. seo.
The tech giant called it a “global cybersecurity response” after the attack, and identified Israel’s private sector as a source of potential threats.
The hockey attack was linked to Russia and hit several U.S. government agencies, including the country’s nuclear weapons stockpile, according to a report Thursday.
Get The Daily of Israel’s Daily Edition by Email and don’t miss our top stories for free
One U.S. official said the attack “looked likely to be the worst case in American history.”
Microsoft said in a blog post Thursday that the incident was “effectively an attack on the United States and its government and other emergency centers.”
The company said its own cybersecurity experts were helping to respond to the attack, which was ongoing and “amazing for its range, comfort and impact.”
The attack was carried out through software by a Texas-based third-party network management company called SolarWinds. The company’s software was used by the attackers to hack into other unverified computer networks. Microsoft said its investigation had identified dozens of customers themselves who had installed the malware and were targeted by the attackers.
“Installing this malware created an opportunity for the attackers to track and pick and choose among the customers of the company they wanted to attack, which they apparently did. in a narrower and more focused fashion, ”the company said.
At least 40 of its customers have been targeted and compromised, Microsoft said. Eighty percent of the targets were in the U.S., but so far the company has identified victims in seven other countries – Israel, the UAE, Canada, Mexico, Belgium, Spain and the UK.
The statement did not provide details about the identities of the victims, but said it included government agencies, information technology companies, NGOs, government contractors and others. He said the number and locations of known targets will rise as the investigation continues, and that Microsoft was alerting customers who were hit.
The company said in their statement that they had detected the malicious software in their own systems, but found no signs of damage.
Microsoft’s statement, according to company president Brad Smith, was designed as a call for a strong global cyber-security response, highlighting the growing threat of cyberwarfare worldwide.
“This is not ‘espionage as usual,’ even in the digital age. Instead, it represents an act of negligence that has created a real technological vulnerability for the United States and the world, ”said Microsoft. “It requires that we look with a clear eye on the growing threats and promise more effective and collaborative leadership with the government and tech sector in the United States to overcome due to a strong and coordinated global cybersecurity response. “
The statement cited the Israeli private sector, and the Israeli company NSO Group, as potential threats. They said the NSO Group posed a new, growing threat of private cybersecurity attacks “similar to 21st century mercenaries.”
The company is accused of developing software used by governments to spy on its citizens, including journalists and human rights activists.
“NSO represents the growing potential between solemn technology in the private sector and national state invaders,” Microsoft said.
He called on the incoming Biden administration to oppose the NSO group in a U.S. lawsuit against the company.
The statement said the U.S. should pursue talks with other countries that are provoking offensive actors in the private sector, clarifies Israel, “which has a strong cybersecurity ecosystem that can be pulled into support dangerous to authoritarian governments. “
An Israeli woman uses her phone in front of a building in Herzliya that housed the NSO Group intelligence company, August 28, 2016. (Jack Guez / AFP / File)
Earlier Thursday, U.S. federal authorities issued further warnings about the introduction of U.S. and other computer systems around the globe in the alleged attack by officials carried out by Russian hackers. The country’s cybersecurity body has warned of a “serious” threat to government and private networks.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) said the harassment had damaged federal agencies as well as “critical infrastructure” in a vicious attack that was difficult to detect and difficult to remove. out.
CISA did not say what agencies or infrastructure were broken down or what information was leaked in an attack it said it apparently started in March.
The attack was first discovered by U.S. cybersecurity company FireEye.
U.S. officials told the Politico news site that the attack in the U.S. hit systems of the U.S. Department of Energy and the National Nuclear Security Administration. It was not immediately clear whether the hackers were able to access any data on these networks, and if so, what information was leaked.
The hack, if authorities can indeed prove that it was made by a nation like Russia as experts believe, creates a new foreign policy problem for US President Donald Trump in his last days. in the post.
Trump, whose administration has been criticized for ousting a White House cybersecurity adviser and reducing Russia’s intervention in the 2016 primary election, has not made any public statements about it. break.
Russian President Vladimir Putin (right) looks to US President Donald Trump, as Trump speaks at a press conference in Helsinki, Finland, July 16, 2018. (AP / Pablo Martinez Monsivais)
Over the weekend, amid reports of a breach of the Department of Finance and Commerce departments, CISA directed all civilian agencies of the federal government to remove SolarWinds from their servers. British and Irish cybersecurity organizations have issued similar warnings.
A U.S. official told the Associated Press that Russian-based spies were suspected, but neither the CISA nor the FBI have publicly stated who was believed to be responsible. When asked if Russia was behind the attack, the official said: “We believe that. We have not said that publicly yet as it is not 100% proven. “
Another U.S. official, speaking Thursday on condition of anonymity to discuss a case under investigation, said the hack was harsh and extremely destructive although the administration was not yet ready to blame it. someone publicly for it.
“This seems to be the worst case in American history,” the official said. “They got into it all.”
The official said the administration is working on the assumption that most, if not all, government agencies were put at risk but the extent of the damage was not yet known.
The manufacturers’ intentions appear to be spying on and gathering valuable information rather than destroying it, according to security experts and former government officials.
Business sectors that are scrambling to protect their systems and assess potential information theft include defense contractors, technology companies and telecommunications and grid suppliers.