The US has blamed Russia for attacks carried out by SolarWinds hackers.
Hackread.com previously reported that SolarWinds hackers infiltrated Microsoft’s systems, and several source code repositories were accessed. At the time, the tech giant claimed that hackers couldn’t modify the code or systems.
SolarWinds Saga Continues…
In its latest report, Microsoft confirmed that SolarWinds hackers accessed the source code of three of its products, namely Azure (its cloud computing service), Exchange (its mail and calendar server), and Intune (its cloud-based management solution).
The company now claims that the attacker could access just a small fraction of files. However, it also stated that the hackers used search terms that indicate they were trying to find company secrets.
Microsoft Confirms Customer Data is Safe
Microsoft has completed its investigation and confirmed that the hackers couldn’t obtain customer data. Furthermore, the company says its investigation found no evidence that the hackers used its systems to attack other victims.
SolarWinds: The Worst Breach in US Digital History
The SolarWinds saga will go down in history as the worst ever data breach. In this wide-ranging hacking spree, which began in Oct 2019 and was first reported by FireEye on 13 Dec 2020, the distribution system for Orion, a commonly used network-management software from SolarWinds, was compromised.
The attackers sent out malicious updates to Microsoft. They could have targeted around 18,000 other entities, since that many SolarWinds customers had downloaded the update.
Using the updates, the hackers compromised 9 federal agencies and at least 100 private-sector organizations. The US government alleged that the hackers had the support of the Kremlin.
Microsoft Official Statement
In its update posted on Thursday, the software maker announced that the investigation into its network’s hacking was complete. Company officials wrote:
“Our analysis shows the first viewing of a file in a source repository was in late November and ended when we secured the affected accounts. We continued to see unsuccessful attempts at access by the actor into early January 2021, when the attempts stopped.”
“Our development policy prohibits secrets in code and we run automated tools to verify compliance. Because of the detected activity, we immediately initiated a verification process for current and historical branches of the repositories. We have confirmed that the repositories complied and did not contain any live, production credentials.”