He said Investigators: The Russian hackers behind the worst cyberattack against America in years took advantage of vendors’ access to services a company Microsoft to hack targets that don’t own the hacked SolarWinds Orion platform.
The updates to the Orion platform were previously the only known entry point, but it is clear that the group attempted to breach a major security company.
Security company CrowdStrike says it was also targeted, and the attempt occurred during a 17-hour period several months ago, when the hackers tried to access the company’s email, but the attempt was unsuccessful..
CrowdStrike explained that the hackers gained access to the vendor who sold her Office Pack licenses and used that to try to read her email.
Many Microsoft software licenses are sold through third parties, and these companies can enjoy near-permanent access to client systems, and Microsoft said: These customers need to be vigilant.
And Geoff Jones said Jeff Jones From Microsoft: Our investigation revealed incidents involving misuse of data, and we did not identify any security vulnerabilities or breaches of Microsoft products or cloud services.
The use of a Microsoft distributor by Russian hackers to try to break into CrowdStrike raises new questions about the number of avenues available to hackers, which US officials claim are acting on behalf of the Russian government.
Reuters reported a week ago that Microsoft products were used in the attacks, The software giant has indicated that its customers should remain vigilant.
But figuring out which vendors still have access rights at any time is so difficult that CrowdStrike has released an audit tool to do so.
SolarWinds released a new update to fix vulnerabilities in its platform after discovering a second group of hackers who had targeted the company’s products.
This followed a post from Microsoft saying: The SolarWinds platform has been targeted by a second group of hackers, in addition to Russian hackers.
The identity of the second group of hackers remains unclear, and Russia has denied any role in the hacking.