Security News > 2020 > December > Microsoft Caught Up in SolarWinds Spy Effort, Joining Federal Agencies

Microsoft Caught Up in SolarWinds Spy Effort, Joining Federal Agencies
2020-12-18 16:42

The ongoing, growing campaign is "Effectively an attack on the United States and its government and other critical institutions," Microsoft warned.

There are six known federal entities that have been impacted by the attack: The Pentagon, the Department of Energy, the Department of Homeland Security, the National Institute of Health, the Department of Treasury and the Department of Commerce.

Microsoft's update comes as the U.S. Cybersecurity and Infrastructure Security Agency warned that there could be additional initial-access vectors used by the attackers, beyond the SolarWinds Orion platform.

Sources told Reuters that the hackers used Microsoft's Azure cloud offerings as part of their attacks, but the Microsoft spokesperson said that there are "No indications that our systems were used to attack others."

A classified briefing from the FBI and other agencies for members of Congress on the attacks is scheduled for Friday.


News URL

https://threatpost.com/microsoft-solarwinds-spy-attack-federal-agencies/162414/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Microsoft 480 75 2308 5127 264 7774
Solarwinds 45 1 84 103 43 231