Microsoft says it found malicious Solar Winds binaries in its systems related to a massive hacking campaign disclosed by U.S. officials this week, according to Reuters. However, Microsoft found no indications that its systems were used to attack victims.

  • Microsoft is a user of Orion, widely deployed networking management software from SolarWinds Corp used in the suspected Russian attacks on U.S. agencies and others.
  • On Thursday, the U.S. National Security Agency issued a “cybersecurity advisory” arguing that hackers may have compromised certain Microsoft Azure cloud services.
  • Both Microsoft and the U.S. Department of Homeland Security said the hackers used multiple methods of entry.
  • The U.S. Energy Department said the hackers gained access to networks and the malware “has been isolated to business networks only” and has not impacted U.S. national security.
  • There were allegations that the hackers used Microsoft’s cloud offerings while avoiding Microsoft’s corporate infrastructure.
  • The U.S. Department of Justice, FBI, and Defense Department, among others, have moved routine communication onto classified networks that are believed not to have been breached by the attack
  • U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned organizations not to assume their systems are safe and instead, should install the recent versions of SolarWinds software
  • The U.S. Congress has demanded more information about the impacts of the attack and those behind it. 

Microsoft stock is currently declining. MSFT: NASDAQ is down 0.59%