“The attack unfortunately represents a broad and successful espionage-based assault on both the confidential information of the U.S. Government and the tech tools used by firms to protect them,” Smith wrote. “The attack is ongoing and is being actively investigated and addressed by cybersecurity teams in the public and private sectors, including Microsoft.”
Microsoft has been working as an investigative partner to cybersecurity firm FireEye, which is also a victim and issued the first warning about the supply chain attack.
Previously, FireEye also identified victims across several sectors and countries, including government, consulting, technology, telecom and extractive entities in North America, Europe, Asia and the Middle East.
Earlier Thursday, Reuters reported that Microsoft had been compromised as well. Microsoft said it has “isolated and removed” a vulnerability in its systems tied to third-party software that had facilitated a suspected Russian hacking campaign.
Updates to the software sold by SolarWinds were used as a carrier for malicious code that US officials believe may be linked to Russia. That software was found in Microsoft’s network, the company said in a statement Thursday evening.
The statement marks Microsoft’s first public acknowledgment that in addition to investigating the malware, it was also a victim of it.
“Like other SolarWinds customers, we have been actively looking for indicators of this actor and can confirm that we detected malicious Solar Winds binaries in our environment, which we isolated and removed,” the statement said.
Microsoft has not found evidence that an actual data breach occurred or that the attackers exploited their access, the company added. The company pushed back on a Reuters report that suggested Microsoft’s products had been used to compromise other victims.
“Our investigations, which are ongoing, have found absolutely no indications that our systems were used to attack others,” Microsoft said.
This story has been updated with acknowledgment from Microsoft that it was compromised.
Privacy & Cookies Policy
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.