The SolarWinds hackers, who are behind the worst hack of US government agencies in years, gained access to secret Microsoft source code for authenticating clients, which helped one of their main attack methods.
Microsoft said in a post that its internal investigation found that the SolarWinds hackers studied parts of the source code of the Azure cloud computing service related to identity and security, of the Exchange mail and calendar server, and of the Intune cloud management solution.
The company explained that some code had been downloaded, which would have given SolarWinds hackers more freedom to search for security vulnerabilities, create new flawed copies, or examine the logic to find ways to exploit client installations.
Microsoft previously indicated that the SolarWinds hackers had access to some of the source code, but it did not specify which parts or say that any of it had been copied.
US authorities said that the breaches revealed in December extended to nine federal agencies and 100 private companies, including major technology providers and security companies, and that the Russian government is likely behind this wave, which Moscow has denied.
The SolarWinds hackers were first detected by the security provider FireEye. They used advanced skills to insert spyware backdoors into the widely used network management software distributed by SolarWinds.
SolarWinds hackers added new Azure data, added greater rights to existing data, or manipulated Microsoft software, in order to steal email from thousands of SolarWinds clients.
Some hackers have also used such techniques on targets that do not use SolarWinds.
Microsoft previously acknowledged that some of its vendors, who often have constant access to client systems, have been used for breaches, but it continues to deny that flaws in anything it directly provides were used as the primary vector for the attack.
The company said it completed its investigation and found no indications that its systems had been used to attack others.
However, issues with data management have proven so prevalent in recent attacks that many security companies have issued new guidelines and warnings, as well as tools to detect misuse.
President Joe Biden has promised to respond to the SolarWinds hacks, and the Senate Intelligence Committee is holding a hearing on the breach on Tuesday with witnesses including Microsoft Chairman Brad Smith and FireEye CEO Kevin Mandia.