Microsoft president sounds alarm on ‘ongoing’ SolarWinds hack, identifies 40 more precise targets
Microsoft president Brad Smith warned that the wide-ranging hack of the SolarWinds’ Orion IT software is “ongoing,” and that investigations reveal “an attack that is remarkable for its scope, sophistication and impact.” The breach targeted several US government agencies and is believed to have been carried out by Russian nation-state hackers.
Smith characterized the hack as “a moment of reckoning” and laid out in no uncertain terms just how large and how dangerous Microsoft believes the hack to be. It “represents an act of recklessness that created a serious technological vulnerability for the United States and the world,” Smith argues.
He believes that it “is not just an attack on specific targets, but on the trust and reliability of the world’s critical infrastructure in order to advance one nation’s intelligence agency.” Though the post stops short of explicitly accusing Russia, the implication is very clear. “The weeks ahead will provide mounting and we believe indisputable evidence about the source of these recent attacks,” according to Smith.
To illustrate just how far-reaching the hack was, Smith included a map that used telemetry taken from Microsoft’s Defender Anti-Virus software to show people who had installed versions of the Orion software that contained malware from the hackers.
Microsoft has also been working this week to notify “more than 40 customers that the attackers targeted more precisely and compromised through additional and sophisticated measures,” according to Smith. Approximately 80 percent of those customers are located in the US, but Microsoft also identified victims in Canada, Mexico, Belgium, Spain, the UK, Israel, and the UAE. “It’s certain that the number and location of victims will keep growing,” Smith said…Read more>>