Microsoft is on the list of victims of Russian cybercriminals who attacked several US agencies and private organizations, and the Redmond company confirmed at the end of last week that the pirates were able to see more internal code than was initially estimated. The hackers, presumably working for the Russian intelligence agency SVR, were unable to view the source code for Microsoft products or change what they saw and had no access to the company’s emails. Even so, the break ends up being greater than initially calculated.
It is recalled that in the first phase, Microsoft advanced that although the investigation was ongoing, there was no evidence that the pirates had access to services in production, to customer data or that they had used their systems to attack others remember the New York Times.
This wave of cyber attacks started in October 2020, taking advantage of a hack to the company SolarWinds, which supplies 425 companies on the Fortune 500 list. The network management software provided by SolarWinds was hacked and ended up being used for attacks in various departments. US state-owned companies. Investigations to assess the scale of the ‘damage’ are still ongoing.
Last week, CrowdStrike revealed that it was the target of an unsuccessful attack attempt and that the pirates used Microsoft resellers to try to gain access to the systems.
Donald Trump, who is said to have privately commented that the attack is a “hoax”, has publicly suggested that China is behind these initiatives. Joe Biden, who will assume the presidency of the United States within weeks, has already confirmed that his administration will not be able to trust the software and networks that the agencies use to manage their affairs.
According to the latest data, the affected version of the SolarWinds software has been installed by more than 18,000 business customers, in what is being considered the cyberattack of the decade.