The Patriot Post® · Microsoft's Bug: Tech Giant Breached by Russian Cyberattack

By Thomas Gallatin ·
https://patriotpost.us/articles/76780-microsofts-bug-tech-giant-breached-by-russian-cyberattack-2021-01-05

Last month’s discovery of a Russian-linked hacking of several U.S. government network systems now reportedly includes another target: U.S. tech giant Microsoft Corp. The allegedly Kremlin-backed hackers gained access to Microsoft’s internal system and viewed source code used in building software products. Microsoft confirmed that hackers used SolarWinds, the software developer compromised and used by hackers to infiltrate several U.S. government and corporate networks.

This latest revelation goes to show the scope and likely intent of the hackers. As The Wall Street Journal reports, “Microsoft’s disclosure raises the specter that the hackers may have targeted and then compromised other technology companies as well, said Sherri Davidoff, chief executive of the security consulting firm LMG Security LLC. ‘That’s why these hackers are going after these companies,’ she said. ‘They don’t want access to just one company. They want access to everything.’”

Thus far, Microsoft has refused to disclose what products or internal system may have been affected by the hack, only stating that the company “found no evidence of access to production services or customer data” and “no indication that our systems were used to attack others.”

The months-long SolarWinds attack has “also compromised at least one reseller of Microsoft’s cloud-based computing services and tried to use that as a way of gaining access to emails belonging to the cybersecurity vendor CrowdStrike Inc.,” the Journal further reports. “That attempt was unsuccessful, CrowdStrike said last week. Microsoft is the world’s second-largest cloud-computing company after Amazon.com Inc.”

The implications of just how damaging and far-reaching this Russian hack really was are yet to be fully known. On Tuesday a task force made up of four DOJ agencies was setup to further investigate the breach.