[ad_1]
Microsoft Corp. was violated as part of the massive hack that used a backdoor in SolarWinds software, in what the tech giant’s chairman called “effectively an attack on the United States.”
Reuters reported Thursday that after infiltrating Microsoft, hackers used its products to attack others.
While Microsoft MSFT,
Officials confirmed the breach, they denied that its products were used to prosecute piracy.
“Like other SolarWinds customers, we are actively researching indicators of this player and can confirm that we have detected malicious SolarWinds binaries in our environment, which we have isolated and removed,” Microsoft spokesperson Frank Shaw said on Twitter. “We did not find any evidence of access to production services or customer data. Our investigations, which are ongoing, have found absolutely no indication that our systems have been used to attack other people.
In a blog post Thursday, Microsoft President Brad Smith said, “This latest cyber attack is in fact an attack on the United States”, calling the hack a “moment of judgment.”
The hack, which was first reported on Sunday, is perhaps the most widespread and damaging to ever hit the United States. The Cybersecurity and Infrastructure Security Agency said Thursday that “critical infrastructure” had been breached and the risk to government and private networks was “the grave.”
Around 18,000 companies – including the vast majority of S&P 500 SPX,
businesses – and US government agencies, such as Treasury and Commerce, have fallen victim to the malware. SWI SolarWinds,
said Thursday it has already patched the software vulnerability. The Wall Street Journal reported Thursday that the hackers were extremely stealthy and used novel hacking tools. Government and business are still in the process of determining how much information has been compromised.
Smith said Microsoft’s cybersecurity team agrees with FireEye FEYE’s findings,
CEO Kevin Mandia, who said a nation state was most likely behind the attack. Russia is the prime suspect.
“The attack unfortunately represents a large and successful espionage attack on confidential US government information and the technological tools used by companies to protect it,” Smith said.
Smith warned the attack was “in progress” and said at least seven other countries were affected, including Canada, the United Kingdom, Spain, Israel and the United Arab Emirates. “It is certain that the number and location of victims will continue to increase,” he said.
“It’s not ‘spying as usual’, even in the digital age,” Smith said. “Instead, it represents an act of recklessness that has created severe technological vulnerability for the United States and the world. In fact, it is not just an attack against specific targets, but against the trust and reliability of the world’s critical infrastructure. ”
He called for a strong and coordinated global response to cyber attacks, from the private and public sectors, as well as the accountability of nations in the event of cyber attacks.
“We live in a more dangerous world and this requires a stronger, better coordinated response,” Smith wrote.
[ad_2]
Source link