Microsoft admitted Thursday that attackers who led a massive hack into government and private computer networks were given access to internal source code, an important building block for its software.
However, the US tech giant said the attack, which senior US officials attributed to Russian-led hackers, failed to compromise or modify its software.
The news reveals an even broader vector of attack for breach of security software by the US company SolarWinds.
The hackers are also believed to have gained access to the systems operated by the US Treasury Department, the Department of Energy and Homeland Security, as well as a host of other victims in the government and private sectors.
Microsoft had previously detected “harmful SolarWinds applications” in its systems. In an update to its internal investigation, the company said the hackers had penetrated their systems more deeply than previously thought.
“We saw unusual activity with a small number of internal accounts, and upon verification, we found that one account was being used to view source code in a number of source code repositories,” Microsoft said Security blog.
“The account did not have permission to change code or technical systems, and our investigation also confirmed that no changes were made. These accounts have been investigated and corrected.”
Microsoft claimed that the recent revelation “hasn’t compromised the security of our services or customer data, but we want to be transparent and share what we learn as we fight what we believe to be a highly developed nation-state actor.”
Both US Attorney General Bill Barr and Secretary of State Mike Pompeo have attributed the attack to a Russia-led effort while President Donald Trump has refused to point a finger at Moscow.
The Cybersecurity and Infrastructure Security Agency (CISA) said US government agencies, critical infrastructure companies and private sector organizations were exposed in the month-long cyber attack.
Is Mi QLED TV 4K the best affordable smart TV for enthusiasts? We discussed this on Orbital, our weekly technology podcast, which you can subscribe to via Apple Podcasts, Google Podcasts, or RSS, Download the episodeor just hit the play button below.
Source link : https://gadgets.ndtv.com/internet/news/solarwinds-hack-microsoft-viewed-internal-source-code-unable-to-modify-change-2346338#rss-gadgets-all