Microsoft said on Thursday,, December 17, it found malicious software in its systems, and that these systems were connected to Orion, the networking management software of SolarWinds used in suspected attacks by Russia on US agencies and other groups.
According to a Reuters report, a Microsoft spokesperson explained that while it was also a victim of the hack, there didn’t appear to be any attempt to use Microsoft’s systems to hit more organizations.
Said the spokesperson, “Like other SolarWinds customers, we have been actively looking for indicators of this actor and can confirm that we detected malicious Solar Winds binaries in our environment, which we isolated and removed.”
The spokesperson added, “We have not found evidence of access to production services or customer data. Our investigations, which are ongoing, have found absolutely no indications that our systems were used to attack others.”
Reuters adds a person familiar with the hacking spree said hackers used Microsoft’s cloud offerings but avoided the company’s corporate infrastructure.
ZDNet, in its report, said Microsoft joins a number of US government organizations and a cybersecurity firm which confirmed being attacked by the hack. These include the following:
- The US Treasury Department
- The US Department of Commerce’s National Telecommunications and Information Administration (NTIA)
- The Department of Health’s National Institutes of Health (NIH)
- The Cybersecurity and Infrastructure Agency (CISA)
- The Department of Homeland Security (DHS)
- The US Department of State
- The National Nuclear Security Administration (NNSA)
- The US Department of Energy (DOE)
- Three US states
- The City of Austin
- Cybersecurity firm FireEye
There are no comments yet. Add your comment to start the conversation.