Security News
Microsoft on Thursday said it concluded its probe into the SolarWinds hack, finding that the attackers stole some source code but confirmed there's no evidence that they abused its internal systems to target other companies or gained access to production services or customer data. The disclosure builds upon an earlier update on December 31, 2020, that uncovered a compromise of its own network to view source code related to its products and services.
Microsoft announced today that the SolarWinds hackers gained access to source code for a limited number of Azure, Intune, and Exchange components. After internal investigations of their use of the SolarWinds platform, Microsoft announced in December that they were affected by the attack and that hackers could gain access to a limited amount of source code repositories.
Microsoft announced today that the SolarWinds hackers gained access to source code for a limited number of Azure, Intune, and Exchange components. After internal investigations of their use of the SolarWinds platform, Microsoft announced in December that they were affected by the attack and that hackers could gain access to a limited amount of source code repositories.
SolarWinds introduced Kevin Kline as the newest member of the company's Head Geek team, deepening its bench of database and Microsoft data platform expertise. "The SolarWinds Head Geeks have a deep connection with the IT community, providing sound advice and perspectives from real-world experience they've gained as IT professionals throughout their careers," said Darren Beck, CMO, SolarWinds.
Many companies still expose SolarWinds Orion to the internet and have failed to take action following the disclosure of the massive SolarWinds breach, according to RiskRecon, a Mastercard company that specializes in risk assessment. Threat actors believed to be backed by Russia breached Texas-based IT management firm SolarWinds and used that access to deliver a piece of malware named Sunburst to roughly 18,000 customers who had been using the company's Orion monitoring product.
Microsoft president Brad Smith said the software giant's analysis of the SolarWinds hack suggests the code behind the crack was the work of a thousand or more developers. Speaking on US news magazine program 60 Minutes, Smith labelled the attack "The largest and most sophisticated attack the world has ever seen."
Senators are now demanding more information about the attacker's infiltration of the US court system, which has already been forced to make changes in how documents are filed as a result of the attack. "Highly sensitive documents should be stored in a secure paper filing system or a secure standalone computer system that is not connected to any network, particularly the internet. The AO will provide courts with model language for a standing or general order as well as advice and guidance on how to establish and securely maintain a standalone computer system if a court chooses that option."
After members of Congress criticized as "Disorganized" the U.S. response to a massive breach of government departments and private corporations discovered late last year, the White House announced Wednesday that a senior national security official had been leading the effort since the first day of the Biden administration. Anne Neuberger, the deputy national security adviser for cyber and emergency technology, was in charge of remediating the hack, identifying issues with the federal government's response and launching a study aimed at preventing similar incidents, the White House said.
Image: USCG. The U.S. Coast Guard has ordered MTSA-regulated facilities and vessels using SolarWinds software for critical functions to report security breaches in case of suspicions of being affected by the SolarWinds supply-chain attack. "Reporting malicious cyber activity enhances maritime domain awareness and allows us all to be better postured to prevent and respond to cyber incidents that could disrupt commerce or jeopardize national security."
Email security biz Mimecast not only fell victim to the SolarWinds hackers, leading to its own customers being attacked, it is also trimming its workforce amid healthy profits. Last month Mimecast revealed that one of its cryptographic certificates was purloined by the same team that smuggled a hidden backdoor into SolarWinds' Orion network monitoring software.