Microsoft President Brad Smith has warned that SolarWinds’ wide range of Orion IT software is “continuing,” and that research is revealing an “incredible attack for its range, luxury and impact.” . ” The breach targeted several U.S. government agencies and is believed to have been perpetrated by Russian nationalist state hackers.
Smith described the hack as “a moment of counting” and vaguely explained just how big and dangerous Microsoft believes the hack is. It “represents an act of carelessness that has created a real technological fragility for the United States and the world,” Smith argues.
He believes that “it is not just an attack on specific targets, but on the reliability and trustworthiness of the world’s critical infrastructure to advance a single nation intelligence group. “While the post comes a short stop from blatantly accusing Russia, the impact is clear. “The coming weeks will provide a boost and we believe there is unequivocal evidence of the source of these recent attacks,” said Smith.
To show just how far away the hack was, Smith introduced a map that used telemetry taken from Microsoft’s Anti-Virus Defender software to show people who had drafts of the Orion software that contained malware from the hackers.
:format(webp):no_upscale()/cdn.vox-cdn.com/uploads/chorus_asset/file/22181335/cyber1_960x540.jpg)
Microsoft has also been working this week to inform “more than 40 customers that the attackers were targeting more precisely and engaging through additional and more sophisticated measures, ”According to Smith. About 80 percent of those customers are located in the U.S., but Microsoft identified victims in Canada, Mexico, Belgium, Spain, the UK, Israel, and the UAE. “It is certain that the number and location of victims will continue to grow,” said Smith.
Investigations are still ongoing. The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and the Office of the Director of National Intelligence (ODNI) issued a joint statement Wednesday saying they were coordinating “whole government. respond to this important cyber event. “And Smith warned” we should all be prepared for stories of additional victims in the public sector and other initiatives and organizations. “
Earlier on Thursday, Reuters Microsoft reported that it had been hacked as part of the breach and that “its own results have been reduced to thwart the attacks on others.” But Microsoft denied that claim in a statement to The margin:
Like other SolarWinds customers, we have been actively looking for signs of this actor and can confirm that we have found malicious Solar Wind binaries in our environment, which we have removed and removed. . We found no evidence of access to production services or messenger data. Our ongoing investigations found no signs that our systems were being used to attack others.
Microsoft has been responding to the hack since December 13th, including blocked versions of SolarWinds Orion that contained the malware. Microsoft and a consortium of tech companies also took control of land that played a key role in the SolarWinds bankruptcy, ZDNet recitation.
SolarWinds has also taken the step to hide a list of high-profile clients from its website, possibly to protect them from negative publicity. The list included more than 425 of the companies on the Fortune 500.
For Microsoft, Smith used his role to use a more organized, universal response to cyberattacks, both at government level and among private institutions. “We need a more effective national and global strategy to protect against cyberattacks,” he writes. Microsoft is also looking for “stronger measures to hold national states accountable for cyberattacks. ”