English News

  • youtube
  • facebook
  • twitter

SolarWinds hacking group singes Microsoft too

The hacking group involved in the SolarWinds scam also succeeded in breaking into Microsoft Corp and access some of its source code, the Bill Gates-founded company admitted in a blog post on Thursday.

This has raised concern among cyber experts as a source code is the key to run the software of technology companies and any access to it makes users of the software vulnerable to bigger hacking in the future.

It is not clear how much of Microsoft’s source code the hackers were able to access, but the disclosure suggests that the group who used software company SolarWinds to break into sensitive U.S. government networks also targeted Microsoft products.

Although Microsoft had earlier disclosed that like other firms it found malicious versions of SolarWinds’ software inside its network, but the new disclosure about the source code being hacked makes the issue even more serious. Microsoft products, which include the Office productivity suite and the Windows operating system are amongst the most widely used worldwide.

However, Microsoft said in its blog post that it had found no evidence of access “to production services or customer data.”

“The investigation, which is ongoing, has also found no indications that our systems were used to attack others,” it said.

“As with many companies, we plan our security with an “assume breach” philosophy and layer in defense-in-depth protections and controls to stop attackers sooner when they do gain access. We will provide additional updates if and when we discover new information to help inform and enable the community. As we learn more from our own internal investigation, and from helping customers, we will continue to improve our security products and share these learnings with the community,” Microsoft added.

The SolarWinds hack is among the biggest hacking operations to be ever discovered, compromising several US federal agencies and potentially thousands of companies and other institutions. US government and private sector investigators are currently examining their systems to try to ascertain whether their data has been stolen or modified.

U.S. officials have attributed the SolarWinds hacking campaign to Russia, but Moscow has denied the allegation..