On December 17th Microsoft President Brad Smith exposed the latest world’s serious nation-state cyberattack to the world. So Microsoft did an investigation of the massive SolarWinds attack. After that, they got to know some of the infiltrated systems other than the malicious SolarWinds code. Microsoft says their infiltrated accounts were granting readable access but didn’t have permission to modify any Microsoft source code in an update from its Security Response Center.
As Microsoft traits “a very sophisticated nation-state actor” as the culprit. The cybersecurity and US govt officials have implied Russia as the architects of the overall SolarWinds attack. The incursion unmasked a big list of sensitive organizations. The current disclosure from Microsoft shows there still be unraveling the attacks’ implications for weeks and months to come.
Microsoft says their investigation into its own environment has found no evidence of access to production services or customer data. The ongoing investigation has also found no indications that our systems were used to attack others. Additionally, the company says that it regularly assumes adversaries can view its source code. But does not rely on the secrecy of source code to keep its products secure.
Earlier this month, Microsoft President Brad Smith said the attack was a “moment of reckoning” and warned about its danger. “This is not ‘espionage as usual,’ Smith said. “In effect, this is not just an attack on specific targets, but on the trust and reliability of the world’s critical infrastructure to advance one nation’s intelligence agency.”
Want to know the full investigation done by Microsoft? Read it here.
So that’s it for now. Thank you for reading, and please do share the article within your circles if you loved reading it. Also, keep an eye on this space to get relevant updates. Stay safe, and we hope to see you around.