WASHINGTON (Reuters) – A hacking campaign that used a US technology company as a springboard to engage a number of U.S. government agencies is “the largest and most sophisticated attack the world has ever seen.” said Microsoft Corp. President Brad Smith.
The operation, which was identified in December and which the U.S. government said was likely orchestrated by Russia, breached software made by SolarWinds Corp., which gave hackers access to thousands of companies and offices. government officials who used their products.
Hackers had access to emails from the U.S. Treasury, Justice and Commerce departments and other agencies.
Cybersecurity experts have said it could take months to identify compromised systems and expel hackers.
“I think from a software engineering perspective, it’s probably fair to say that this is the biggest and most sophisticated attack the world has ever seen,” Smith said during an interview aired Sunday on the CBS program “60 Minutes.”
The breach could have compromised up to 18,000 SolarWinds customers who used the company’s Orion network monitoring software and likely relied on hundreds of engineers.
“When we looked at everything we saw at Microsoft, we wondered how many engineers probably worked on these attacks. And the answer we got was probably more than 1,000, ”said Smith.
U.S. intelligence said last month that Russia was “likely” behind the SolarWinds breach, which they said was aimed at gathering intelligence rather than destructive acts. .
Russia has denied responsibility for the hacking campaign.
Brad Heath Reports; Editing by Heather Timmons and Peter Cooney