Microsoft suffered Russian hack attack

Photo: EPA

The software giant Microsoft Corp confirmed that it had found malicious software in its systems related to a hacking campaign admitted by US, adding a top technology target to a growing list of attacked government agencies.

US officials have warned that a sophisticated hacking campaign uncovered this week poses a "grave risk" to the government, critical infrastructure and the private sector. The US Treasury and commerce departments were among those attacked.

Microsoft is a user of Orion, the widely deployed networking management software from SolarWinds Corp which was used in the suspected Russian attacks on vital US agencies and others, Reuters said.

Up to 18,000 SolarWinds Orion customers downloaded updates containing a back door that let hackers in. Microsoft also had its own products leveraged to attack victims, said people familiar with the matter. The US National Security Agency issued a rare “cybersecurity advisory” detailing how certain Microsoft Azure cloud services may have been compromised by hackers and directing users to lock down their systems.

“Like other SolarWinds customers, we have been actively looking for indicators of this actor and can confirm that we detected malicious Solar Winds binaries in our environment, which we isolated and removed,” a Microsoft spokesperson said, adding that the company had found “no indications that our systems were used to attack others.” One of the people familiar with the hacking spree said the hackers made use of Microsoft cloud offerings while avoiding Microsoft’s corporate infrastructure.

Similar articles