Microsoft Corporation (NASDAQ:MSFT) and around 40 other tech companies and government agencies have been confirmed as among the victims of a serious cyberattack thought to have been conducted by Russia.
Texas-based SolarWinds Corp (NYSE:SWI) said earlier in the week that roughly 18,000 organizations around the world had unknowingly downloaded a hacked version of its Orion network management software.
This software contained a ‘backdoor’ that was used by nation-state hackers to install malware wherever it was downloaded.
Microsoft said overnight that it found the malicious software in its systems and the US National Security Agency confirmed that some Microsoft Azure cloud services may have been compromised by the hackers.
Microsoft president Brad Smith said the hackers had privileged access to 18,000 enterprise networks and only targeted 40 of them to follow-up.
Roughly 80% of those customers are located in the US, but Microsoft said there were victims in the UK, Belgium, Canada, Israel, Mexico, Spain and the UAE.
Smith said it was a “serious nation-state cyberattack” and used this “moment of reckoning” to call for “effective and collaborative leadership by the government and the tech sector in the United States to spearhead a strong and coordinated global cybersecurity response”.
This comes as the US and other governments are cracking down on the tech industry over matters including antitrust and privacy issues.
Two US senators who received private briefings said it was Russian state-sponsored hackers who carried out the cyberattack.
Smith added: “As Microsoft cybersecurity experts assist in the response, we have reached the same conclusion. The attack unfortunately represents a broad and successful espionage-based assault on both the confidential information of the US government and the tech tools used by firms to protect them. The attack is ongoing and is being actively investigated and addressed by cybersecurity teams in the public and private sectors, including Microsoft. As our teams act as first responders to these attacks, these ongoing investigations reveal an attack that is remarkable for its scope, sophistication and impact.”
The Federal Bureau of Investigation, the Cybersecurity and Infrastructure Security Agency, and the Office of the Director of National Intelligence issued a joint statement earlier in the week to say that they were coordinating a “whole-of-government response to this significant cyber incident”.
One specialist tech publication said the hack appeared to be “one of the worst espionage hacks of the past decade if not of all time” with “pinpoint accuracy ...nothing short of astounding”.