Hackers behind the massif SolarWinds cyber attack, a Russian-backed operation that compromised the networks of many U.S. agencies and Fortune 500 corporations, also penetrated Microsoft’s internal systems and accessed one of the company’s best-kept secrets.: its source code.
“We detected unusual activity with a small number of internal accounts, and after reviewing, we found that an account was used to view the source code in a number of source code repositories,” said the Microsoft Security Response Center team in a blog post on Thursday.
Microsoft had previously confirmed that, like the scores of other cyber attack victims, he unknowingly downloaded the malicious code hidden in the popular SolarWinds Orion Platform network management tool. But Thursday’s revelation is his first admission that hackers have access to the company’s internal systems.
Exactly what portions of Microsoft’s source code repositories managed to get hold of the hackers remains unclear. Three people were briefed on the matter told Reuters that Microsoft has known for days that its source code has been violated. When contacted for comments on the matter, a Microsoft spokesman told reporters that his security team works “non-stop” and that “when there is information that can be shared, they have published and -they distributed ”.
The company said on Thursday that the compromised account could view Microsoft’s source code only because it did not have the necessary permissions to alter it. While its internal investigation is ongoing, Microsoft said it has so far found “no evidence of access to production services or customer data” and “there are no indications that our systems have been used to attack others.” “.
G / O Media may receive a commission
While hackers may not have been able to change Microsoft’s source code, even a glance at the company’s secret sauce could have disastrous consequences. Bad actors could use this type of perspective on the inner workings of Microsoft’s services to help them bypass its security measures in future attacks. Hackers have essentially gotten into plans on how to potentially hack Microsoft products.
Experts believe that Russian state-sponsored group known as ATP 29 has infiltrated SolarWinds since 2019, but the attack went under the radar until earlier this month. The highly sophisticated team of hackers allegedly used malware hidden on the product of the Texas software company, which could quietly collect data about users, such as internal correspondence, keys and credentials.
Conformable SolarWinds, more than half of Orion’s 33,000 customers could have been infected. His clientele includes the Departments of Homeland Security, State and Treasury among dozens of other federal agencies, as well as three-quarters of Fortune 500-listed corporations. Microsoft.