Microsoft says that its systems were breached “beyond just the presence of malicious SolarWinds code;” even stating that the attackers saw its source code, as it continues with its investigation into the massive attack.
The tech giant says it found an update from its Security Response Center, that the hackers were able to “view source code in a number of source code repositories”. However, it says that the hacked account granting such access didn’t have any permissions to modify any code or systems.
– Samsung Begins Rolling Out Its UI.3.0 Update To Older Devices
– Big Tech Companies Reportedly Affected In SolarWinds Software Hack
– Ticketmaster To Pay CrowdSurge $10 Million In Compensation Over Hack
Microsoft fingers “a very sophisticated nation-state actor” as the perpetrator of the attack but the US government and cybersecurity officials have pointed at Russia as the architects of the attack. The hack exposed quite a number of sensitive organisations. This disclosure just shows that the full extent of the attack is still unknown.
Microsoft says “no evidence of access to production services or customer data”. It also says it found no indications that the hackers used its systems to attack others”.
The company says that it regularly assumes its adversaries are able to view its source code and thus, does not rely on its secrecy to secure its products. Microsoft also did not disclose how much source code the SolarWinds attackers saw or its use.
Microsoft President Brad Smith had described the attack saying “this is not espionage as usual”. “In effect, this is not just an attack on specific targets, but on the trust and reliability of the world’s critical infrastructure in order to advance one nation’s intelligence agency,” He said.
Make sure to follow Plat4om on Twitter @Plat4omLive, on Instagram @Plat4om, on LinkedIn at Plat4om, and on Facebook at Plat4om. You can also email us at firstname.lastname@example.org. Also, don’t forget to subscribe to our YouTube channel HERE.