Microsoft says it found malicious Solar Winds binaries in its systems related to a massive hacking campaign disclosed by U.S. officials this week, according to Reuters. However, Microsoft found no indications that its systems were used to attack victims.
- Microsoft is a user of Orion, widely deployed networking management software from SolarWinds Corp used in the suspected Russian attacks on U.S. agencies and others.
- On Thursday, the U.S. National Security Agency issued a “cybersecurity advisory” arguing that hackers may have compromised certain Microsoft Azure cloud services.
- Both Microsoft and the U.S. Department of Homeland Security said the hackers used multiple methods of entry.
- The U.S. Energy Department said the hackers gained access to networks and the malware “has been isolated to business networks only” and has not impacted U.S. national security.
- There were allegations that the hackers used Microsoft’s cloud offerings while avoiding Microsoft’s corporate infrastructure.
- The U.S. Department of Justice, FBI, and Defense Department, among others, have moved routine communication onto classified networks that are believed not to have been breached by the attack
- U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned organizations not to assume their systems are safe and instead, should install the recent versions of SolarWinds software
- The U.S. Congress has demanded more information about the impacts of the attack and those behind it.
Microsoft stock is currently declining. MSFT: NASDAQ is down 0.59%