Posted on January 1, 2021 at 4:53 PM
Tech giant Microsoft revealed recently that state-sponsored hackers from Russia hacked its network and accessed some of the company’s source code.
The Russian hackers were also behind widespread cyber-attacks on U.S. government and corporate systems.
This time, Microsoft said the hackers had access to its internal systems and viewed the source code used for building software products.
Initially, the tech giant confirmed that it downloaded malware from a software vendor known as SolarWinds Corp.
Microsoft was not aware of the infiltration until yesterday, when it made the disclosure.
On that day, Microsoft revealed that the hacking activities perpetrated by the Russian hackers on US private corporations and government agencies have extended to its network.
The report revealed that the hackers didn’t compromise other networks using Microsoft’s system, but they succeeded in viewing the company’s source code via an employee account.
Security researchers have been quick to point out that employee accounts are the most vulnerable links to any outside hacking attack. The hacking of Microsoft’s network seems to have given more credence to such an assertion.
Hackers compromised emails
Microsoft also revealed that the hackers succeeded in accessing the email accounts, as well as some products and services. However, the company didn’t reveal which product’s source code was viewed or how long the hackers were inside the network.
Initially, Microsoft said no product source code was viewed in the attack. But the firm appears to be making a U-turn on that statement after further investigation of the incident.
The firm said the hacking attempt may have started in October 2019, at the same time the threat actors compromised the Texas-based company SolarWinds.
SolarWinds offers its technology monitoring services to most of the Fortune 500 companies, including Microsoft.
When the hackers compromised the SolarWinds system, they used the stolen software to infiltrate the Energy, State, Treasury, and Commerce Departments.
The hackers also went on a revenge mission to compromise FireEye, the security firm that disclosed the initial attack on SolarWinds.
The investigation into the Microsoft hack has not revealed much, as they are still trying to ascertain what the threat actors stole. But it has been confirmed that the attack was more widespread than initially thought.
Last week, FireEye competitor CrowdStrike revealed that it was also targeted by the same hackers. However, it said the hackers were not successful and couldn’t infiltrate its systems.
For the unsuccessful attack, the threat actors used Microsoft resellers to access the company’s network.
A Wash-based company Redmond has also revealed that it was targeted by the same hackers, but there was no evidence of data breach or access.
But some of the firm’s cloud customers have reported a compromise of their system via a third-party partner that takes care of the firm’s cloud-access services.
Donald Trump disputes Russia’s involvement
The Department of Homeland Security also confirmed that SolarWinds was not the only avenue the Russian hackers used to launch an attack on American agencies and companies.
But President Trump has a different view about the nationality and sponsors of the attackers. In his view, China, not Russia, is responsible for the attack on the agencies.
However, US Secretary of State Mike Pompeo and other top guns in the administration believed otherwise, choosing to accept the earlier Russian-linked report.
U.S. government officials have pointed out that only downloading a software update doesn’t lead to a hack, but having access to source code certainly does.
The hacking incident on Microsoft and other U.S. government agencies has been regarded as one of the most notorious in recent history. That’s because of the critical importance of the hack and the background of the victims, considered some of the most secure in the world.
As a tech giant with lots of technological resources at its disposal, one may not expect Microsoft to be a victim of this widespread attack. However, the incident has proven that hackers, especially state-sponsored ones with sophisticated tools, will do everything possible to complete their mission.
Microsoft has now joined other top U.S. government agencies and a major cybersecurity company FireEye on the Russian hit list.
The hackers couldn’t modify any engineering systems or source code as the investigation revealed that no changes were made.