Microsoft Corporation was outlined as part of a massive hack that used a backdoor in SolarWinds software to “effectively attack the United States” as president of the tech giant.
Reuters reported on Thursday that after infiltrating Microsoft, hackers used their products to attack others.
While Microsoft MSFT,
While officials confirmed the breach, they denied that its products were used to pursue the hack.
“Like other SolarWind customers, we are actively looking for indicators of this actor and can confirm that we detected malicious SolarWind binaries in our environments, which we isolated and removed,” Microsoft spokesperson Frank Shaw said on Twitter. “We have not found evidence of access to production services or customer data. Our investigation, which is ongoing, has no indication that our system was used to attack others. ”
In a blog post on Thursday, Microsoft President Brad Smith said: “This latest cyber attack is effectively an attack on the United States,” hacking has been called a “moment of raking”.
The hack, which was first reported on Sunday, may be the most widespread and most damaging that the Cyber Security and Infrastructure Security Agency in the US has said on Thursday that “critical infrastructure” has dissolved, and that There is a risk to government and private networks. “Grave.”
Roughly 18,000 companies – including the vast majority of the S&P 500 SPX,
Companies – and American government agencies, such as the Treasury and Commerce, were victims of malware. SolarWinds SWI,
It is already a software vulnerability patch on Thursday. The Wall Street Journal reported on Thursday that the hackers were extraordinarily stealthy and used never-before-seen hacking tools. Governments and companies are still finding out how much information has been compromised.
Smith said Microsoft’s cyber security team agreed with the conclusion of FireEye FEYE,
CEO Kevin Mandia, who said that a nation-state was likely behind the attack. Russia is the prime suspect.
“The attack unfortunately represents a widespread and successful espionage-based attack on both US government confidential information and the technical tools used by firms to protect them,” Smith said.
Smith warned that the attack was “ongoing”, adding that at least seven other countries had been killed, including Canada, the UK, Spain, Israel and the UAE. “It is certain that the number and location of victims will continue to grow,” he said.
“It’s not as ‘espionage as ever’ even in the digital age,” Smith said. “Instead, it represents an act of negligence that created a serious technical vulnerability for the United States and the world. In fact, it is not just an attack on specific targets, but also on the trust and credibility of the world’s critical infrastructure. ”
He attributed a strong, coordinated global response to cyberattacks from both the private and public sectors, as well as nations for cyberattacks.
“We live in a more dangerous world, and this requires a stronger and more coordinated response,” Smith wrote.