She said a company Microsoft on Thursday: It found malware in its systems related to a massive piracy campaign exposed by US officials this week, adding a large technical target to a growing list of government agencies that have come under attack.
Microsoft is one of the users of Orion, SolarWinds’ widely used network management software, which has been used in suspected Russian attacks on vital US agencies, among others.
Quotes Reuters news agency quoted informed sources as saying: Microsoft products were used to attack the victims. On Thursday, the US National Security Agency released a rare cybersecurity advisory statement detailing how hackers infiltrated some Microsoft Azure cloud services, directing users to shut down their systems.
A Microsoft spokesperson said: “Like other SolarWinds customers, we have been actively looking for indications for this
A Microsoft spokesperson said, “Like other SolarWinds customers, we have been actively looking for indications of this hack, and we can confirm that we discovered malicious SolarWinds code in our systems, which we isolated and removed,” adding that the company found “no indications that our systems were being used to attack Others ”.
One person familiar with the hacking incident said: Hackers took advantage of Microsoft’s cloud offerings while avoiding the company’s infrastructure. However, another person familiar with the matter said: The US Department of Homeland Security did not believe Microsoft was a major vehicle for new infection.
The US Department of Energy also said: It had evidence of hackers gaining access to its networks as part of the campaign. The US newspaper Politico had previously reported that the National Nuclear Security Administration, which manages the country’s nuclear weapons stockpile, was targeted in the campaign.
Hackers have used other technologies as well as corrupting SolarWinds’ network management software updates that are used by hundreds of thousands of companies and government agencies, the Department of Homeland Security said in its Thursday bulletin.
The Agency for Cybersecurity and Infrastructure Security urged investigators not to assume their organizations are secure if they do not use modern versions of SolarWinds, while also noting that hackers have not exploited every network they have accessed either.
The agency said: It continues to analyze other methods used by the attackers. So far, hackers have been known to have monitored email or other data within the United States’ defense, state, treasury, homeland security and trade departments.