Microsoft is reportedly continuing to investigate the massive SolarWinds attack. While investing, the company has found that its systems were infiltrated “beyond just the presence of malicious SolarWinds code.”
As per an update from its Security Response Center, the company said that hackers were able to “view source code in a number of source code repositories,” but that the hacked account granting such access didn’t have permission to modify any code or systems. The company points to “a very sophisticated nation-state actor” as the culprit.
Interestingly, the US government and cybersecurity officials have indicated Russia as the architects of the overall SolarWinds attacks. The attack exposed an extensive list of sensitive organizations already and as per Microsoft’s latest disclosure, it seems we will still be unravelling the implications of the attack for weeks and months to come.
However, it must be noted that Microsoft has stated that even though hackers went deeper this time, it found “no evidence of access to production services or customer data,” and “no indications that our systems were used to attack others.”
Microsoft said it assumes adversaries are able to view its source codes so, in order to keep its products secure, it does not rely on the secrecy of source codes anymore. Microsoft has not disclosed how much code was viewed and for what purpose the code was used.
Earlier in December 2020, Microsoft President Brad Smith said the attack was a “moment of reckoning” and warned “This is not ‘espionage as usual. In effect, this is not just an attack on specific targets, but on the trust and reliability of the world’s critical infrastructure in order to advance one nation’s intelligence agency.”