The hackers behind the mass Cyberattack SolarWinds, an operation allegedly backed by Russia that compromised the networks of many US agencies and Fortune 500 corporations, also broke into Microsoft’s internal systems and accessed one of the company’s most guarded secrets.: your source code.
“We detected unusual activity with a small number of internal accounts, and upon reviewing it, we found that an account had been used to view source code across multiple source code repositories,” said the Microsoft Security Response team. Center a a blog post Thursday.
Microsoft had previously confirmed who, like the scores of other cyberattack victims, unknowingly downloaded malicious code hidden in the popular SolarWinds Orion Platform network management tool. But Thursday’s disclosure is the first admission that hackers accessed the company’s internal systems.
It is still unclear what parts of Microsoft’s source code repositories the hackers managed to get. Three people reported on the matter he told Reuters that Microsoft has known for days that its source code was breached. When asked for comment on the matter, a Microsoft spokesman told the media that his security team was working “all day” and that “when there is useful information to share, they have posted it and shared “.
The company said Thursday that the compromised account could only view Microsoft source code as it did not have the necessary permissions to manipulate it. While its internal investigation is ongoing, Microsoft said it has so far found no “evidence of access to production services or customer data” and “there is no evidence that our systems were used to attack others.” “.
G / O Media may receive a commission
While hackers may not have been able to change Microsoft’s source code, even just taking a look at the company’s secret sauce could have disastrous consequences. Bad actors could use this kind of information about the internal workings of Microsoft services to help them circumvent their security measures in future attacks. Hackers basically got models on how to hack Microsoft products.
Experts believe that the Russian state-sponsored group known as ATP 29 infiltrated SolarWinds as early as 2019, but the attack went under the radar until earlier this month. The highly sophisticated hacker team reportedly used malware hidden in the Texas-based software company’s product that could quietly collect user data such as internal correspondence, keystrokes, and credentials.
Seconds SolarWinds, it is possible that more than half of its 33,000 Orion customers have become infected. Its clientele includes national security, state and treasury departments among dozens of other federal agencies, as well as three-quarters of Fortune 500 list corporations. Federal investigations are ongoing and the scope is still being discovered. of the attack, as illustrated by the latest Microsoft release.