The SolarWinds hack by allegedly Russian-backed hacker groups that targeted US government agencies and private corporations may be even worse than officials first believed. Some 250 US federal agencies and businesses are now understood to be directly affected, the New York Times reported.
Even the monolith that is Microsoft has said the hackers compromised its SolarWinds Orion monitoring and management software, allowing them to “impersonate any of the organisation’s existing users and accounts, including highly privileged accounts.” The Times reports that the Russian hacker teams exploited layers of the supply chain to access the agencies’ systems.
The Times reports that early-warning sensors that Cyber Command and the NSA placed inside foreign networks to detect potential attacks appear to have failed in this instance. It seems likely that the US government’s attention on protecting the November elections from foreign hackers may have stretched resources and, in doing so, taken focus away from the software supply chain, the Times concludes. Conducting the attack from within the US allowed the hackers to evade detection by the Department of Homeland Security.
Microsoft said earlier this week it had discovered its systems were infiltrated “beyond just the presence of malicious SolarWinds code.” The hackers could “view source code in many source code repositories,” but the hacked account granting the access didn’t have permission to modify any code or systems.
In a bit of good news, Microsoft claims there is “no evidence of access to production services or customer data,” and “no indications that our systems were used to attack others.”
Given this breach’s nature, it would be safe to assume that this is just the tip of the iceberg in cybersecurity terms and could run and run. We can confirm that Equate Group do not use any SolarWinds products.
Source: New York Times