Date: 2020-12-21

Microsoft has confirmed that it was the victim of a security breach and the attack is still ongoing

The cyberattack that the US has been the victim of since March 2020 is not a trivial one. It is certainly the greatest cyber espionage operation ever. While Russian hackers have been hitting numerous US government agencies and companies for months, Microsoft has just confirmed that it has also fallen victim to the SolarWinds malware, an operation by hackers from the APT29 group, which is supported by Russia.

Microsoft fell victim to malware from SolarWinds

The Cybersecurity and Infrastructure Security Agency (CISA) states, “This threat poses a serious risk to federal and local governments, as well as to critical infrastructure and the private sector. We are dealing with a patient, focused and financially resourced opponent who has been engaged in cyber espionage for a long time.”

The bad news of the day is that Microsoft has just announced that it has discovered tampering with its software thanks to Microsoft Defender, a free antivirus that is built into all Windows installations. This is bad news, as hackers likely used Microsoft’s products and software to extend their operations to other companies.

A Microsoft spokesperson said, “Like all SolarWinds customers, we can confirm that we have discovered harmful SolarWinds binaries in our environment that we have isolated and removed. We did not find any evidence of access to production services or customer data. Our ongoing investigations have found absolutely no evidence that our systems have been used to attack other people.”

Sensitive government agencies are affected

Brad Smith, the president of Microsoft, spoke about it. He says: “We are currently notifying all affected organizations, 80% of which are based in the US; the rest are spread across seven other countries, namely Canada, Mexico, Belgium, Spain, Great Britain, Israel and the United Arab Emirates.” Many government agencies have been affected, but Microsoft’s president believes that these entities are not the majority of victims.

Some of the sensitive entities affected are: the US Treasury Department, the National Telecommunications and Information Administration (NTIA), the National Institutes of Health (NIH), the Cybersecurity and Infrastructure Security Agency (CISA), the Department of Homeland Security (DHS), the US State Department, the National Nuclear Security Administration (NNSA), the US Department of Energy (DOE), three US states, and the city of Austin.

These particularly sensitive institutions make up only 18% of the victims. Private companies are certainly massively affected. This is the case, for example, with FireEye, a cybersecurity juggernaut. It is currently the only private company besides Microsoft that has admitted to being hacked through SolarWinds. Most worrying, according to Microsoft, is that the attack is still ongoing.