Microsoft says that suspected Russian hackers might have accessed Microsoft source code. The access was part of the same campaign in which several renowned US companies were infiltrated by suspected Russian hackers.
Initially, Microsoft claimed that it had remained safe during the entire wave of companies getting hacked. Now, although the investigation is ongoing, Microsoft says the hackers only viewed its source code and did not use Microsoft systems to attack others. The company believes the hackers could not access its emails or its products and services, but it did not specify which products’ source code was accessed or for how long.
The company published a blog post stating, “Our investigation into our own environment has found no evidence of access to production services or customer data. The investigation, which is ongoing, has also found no indications that our systems were used to attack others.”
Microsoft further reported, “We detected unusual activity with a small number of internal accounts and upon review, we discovered one account had been used to view source code in a number of source code repositories. The account did not have permissions to modify any code or engineering systems and our investigation further confirmed no changes were made. These accounts were investigated and remediated.”
How did the hack start?
The story behind this series of hacks dates back to October 2019, when the Texas company SolarWinds was breached. SolarWinds provides tech monitoring services for government agencies and for most of the Fortune 500 companies. A security breach at such a high-profile company, connected to so many others, put all of them under threat. The SolarWinds hack further led to penetration of the Commerce, Treasury, State, and Energy Departments. Even FireEye, a well-known cybersecurity company, was breached, which it revealed earlier in December 2020.
SolarWinds said that the compromised software found its way into the networks of 18,000 of its users. Originally, the companies involved, including FireEye, SolarWinds, and Microsoft, suspected that only a few dozen systems were breached. However, a recent inquiry suggests the real number of victims could be much higher.
The Department of Homeland Security then confirmed that SolarWinds was only one of the routes the hackers used to access others. This was followed by confirmation from Microsoft resellers that the hackers had also approached them. This route was used to breach another cybersecurity company, CrowdStrike.
Investigators are still trying to figure out what the hackers stole. As long as that remains unclear, the purpose of the hack will remain a mystery.
The story runs deeper still, as President Donald Trump claimed it is highly possible that the orchestrator of the entire attack was China and not Russia. However, this accusation was disputed by some senior members of the parliament, including Secretary of State Mike Pompeo.
On the other hand, President-elect Joe Biden blames the failings of Mr. Trump and his government for leading to such a disastrous outcome. He said, “This assault happened on Donald Trump’s watch when he wasn’t watching.” He confirmed that the intrusion into American security agencies and renowned companies would not go unpunished once he takes office in four weeks’ time.
Mr. Biden’s chief of staff, Ron Klain, has stated that the administration plans an uncompromising response to this act. Mr. Klain said,
“Those who are responsible are going to face the consequences for it; it’s not just sanctioned. It’s also steps and things we could do to degrade the capacity of foreign actors to repeat this sort of attack or, worse still, engage in even more dangerous attacks.”
Officials are still worried about the purpose of the attack. It is possible that Russia has created a hidden gateway into the systems used by government agencies. On the other hand, Microsoft has claimed that it does not rely on source code secrecy as its security measure, and most are people. The only threat is what the hackers could do with their knowledge of the source code, which was viewed using some employee systems and detected after unusual activity.
Image: Jeenah Moon/Bloomberg