Microsoft on Thursday announced the completion of an investigation initiated in December last year to ascertain damage to its network, caused by a massive hacker attack. The invasion was exploited through the network management software Orion, from the American company SolarWinds, used to distribute malicious updates to about 18,000 customers, including government organizations.
The investigation carried out by the Redmond company ensures that cybercriminals have not had access to their customers’ data, nor have they been able to manipulate their systems to target other victims.
In Thursday’s post on its website, Microsoft says it has completed its internal investigation of Solorigate, the company’s name for the malware, and recognizes that hackers were able to read and download some of its source code, specifically the computer service at Azure cloud, Intune cloud management and Exchange mail and calendar server.,
In all three cases, the attackers were able to access only a few files, although their intentions were clearly aimed at obtaining great secrets from the company. According to the note, “the first view of a file in a source repository was in late November and ended when we protected the affected accounts”.
The hacker attack that compromised Orion’s user networks began in October 2019. The malicious version of the plugin downloaded at least 18,000 times creates a backdoor on the victim’s system through malware, which characterizes a chain attack. supplies, since vendor SolarWinds was used to distribute the malicious program to customers.
In addition to Microsoft, hackers have hacked into systems from NVIDIA, Intel, Cisco and Belkin, and US government agencies such as the Department of Justice and the Nuclear Security Administration. The US intelligence services believe that Russia is behind the attacks, which is confirmed by the security agency Kaspersky.