- Daily Zen
Microsoft president Brad Smith warns the SolarWinds hack reveals “an attack that is remarkable for its scope, sophistication and impact.”
Microsoft Corp. said its systems were exposed to the malicious malware used in the SolarWinds hack that targeted several U.S. states and federal agencies.
The Redmond, Washington company is a user of SolarWinds’ Orion IT software which hackers targeted to carry out the wide-ranging cyberattack that ripped through parts of the U.S. government. Once in Microsoft’s network, the company’s products were then used to further the attack on others.
It was not immediately clear how many Microsoft users were affected by compromised products. The Department of Homeland Security said earlier this week that hackers used multiple entry points to carry out one of the most sophisticated and large-scale attacks on American infrastructure.
Microsoft has been working to notify “more than 40 customers that the hackers targeted more precisely and compromised through additional and sophisticated measures,” said the company’s president Brad Smith.
The United States government continues to face the aftermath of the recent SolarWinds cyberattack. Authorities have expressed concern over the scope of the hack that rattled top federal agencies, including the US Treasury, the energy department and the commerce departments. The hacking campaign is even said to have targeted the agency responsible for the nation’s nuclear weapons stockpile.
In a statement on Thursday, the Cybersecurity and Infrastructure Security Agency (CISA) warned that it will be difficult to eliminate the malware inserted through SolarWinds Orion Network Management Products.
“Removing this threat actor from compromised environments will be highly complex and challenging for organizations,” the agency said.
SolarWinds said earlier this week that up to 18,000 of its more than 300,000 customers had downloaded the trojanized version of its compromised software. Hackers introduced malware into the IT software provider’s popular network safety tool called Orion, which is used by numerous federal agencies and large corporations.
The hack began as early as March, when the malicious code was introduced to Orion. The malware gave the hackers remote access to an organization’s networks, including internal emails. The scope of the hack still remains unclear.
CISA said it was continuing to analyze the other entry methods used by the attackers. The hackers are known to have at least monitored email or other data within the US departments of defense, state, treasury, homeland security and commerce.
The agency did not identify behind the SolarWinds hack but private security companies suspect it could be the work of Russia.
Hours after the CISA alert was issued, the US Energy Department said it had evidence hackers gained access to their networks as part of the SolarWinds hacking spree. The department said the impact has been isolated to business networks and “has not impacted the mission-essential national security functions of the Department, including the National Nuclear Security Administration (NNSA),” which oversees the nation’s stockpile of nuclear weapons.
Federal authorities and cyber security experts are warning that the incident should serve as a wakeup call for both the government and private sector companies, as foreign elements will conduct similar attacks in the future.
As for Microsoft, Smith said the cyberattack “represents an act of recklessness that created a serious technological vulnerability for the United States and the world.”
We need a more effective national and global strategy to protect against cyberattacks,” he wrote in blog addressing the scope of the SolarWinds breach.
The FBI and other agencies have scheduled a classified briefing for members of Congress Friday.