Microsoft said on Thursday that Russia’s cyber attacks on U.S. government agencies and private companies are much deeper than the company previously disclosed.
The company said that although the hackers suspected of working in the Russian SVR intelligence agency did not seem to use Microsoft’s system to attack other victims, they were able to view some Microsoft source code by hacking into an employee account.
Microsoft has previously stated that the attack was not violated, and that the attack has damaged dozens of federal agencies and companies. Microsoft said its subsequent investigation revealed that hackers could not access email or its products and services, and they could not modify the source code they viewed.
Investigators are still trying to understand what the hackers stole, but investigations by FireEye, Microsoft, Amazon, and other companies have shown that the scope of the attack may be much larger than initially thought. In the past week, FireEye’s competitor CrowdStrike announced that the same attacker had also failed to target it. In this case, the hacker used a Microsoft reseller (a company that sells software on behalf of Microsoft) to try to access the system.
The Department of Homeland Security has confirmed that SolarWinds is one of several avenues used by Russians to attack US agencies, technology and cybersecurity companies.
President-elect Biden accused President Trump of underestimating hackers. Mr. Trump privately called the attack a “scam.” In public, he hinted that China may be the culprit, not Russia. This discovery was questioned by Secretary of State Mike Pompeo.
This is a developing story and will be updated.