The attackers behind the SolarWinds incident penetrated much further into Microsoft's systems than previously known. The US software company announced on New Year's Eve that new investigations had established that the attackers had reached its crown jewels: source code. The damage is limited, however.
Initially, Microsoft stated only that it had discovered compromised software from the US provider SolarWinds in its own environment, and that this had been removed. However, unusual activity involving employee accounts has now been tracked down. The attackers used an account to view source code in the relevant directories. The account did not have permission to change code or networks. The investigation also confirmed that nothing had been changed. The accounts taken over by the attackers have also been cleaned up. Microsoft did not go into detail about whether the attackers could see the Windows source code.
Security experts emphasize that threat models are based on the assumption that attackers could gain knowledge of the source code. Viewing the code is therefore not associated with increased risk. Microsoft underlined that it had not provided the government in China with any source code for testing purposes as part of its work on Windows 10, in order to protect its intangible crown jewels.
"Neither the security of our providers nor any customer data were in danger," according to the announcement from Redmond. There is also still no evidence that the software giant's networks have been misused for attacks on third parties. Transparency and the sharing of experiences are important in such an event.
Broad Attack On Companies
The malware used by the attackers had been smuggled into the networks of up to 20,000 customers of the provider, including Microsoft. These included several US authorities. The malware installed a back door there, enabling the remote takeover of infected networks. The same as-yet-unidentified malware that had previously successfully attacked the security company FireEye is said to be behind the attacks.