Microsoft discloses it found malicious software in its systems related to the massive cyberattack disclosed by U.S. officials earlier this week.
Microsoft (MSFT) – Get Report stated it had found malicious software in its systems regarding the massive cyber attack disclosed by U.S. officials earlier this week.
The Richmond, Wash.-based software giant is now a user of Orion, the widely deployed networking management software in SolarWinds (SWI) – Get Report, which was utilized in the suspected Russian strikes on many U.S. government bureaus.
“Like other SolarWinds clients, we have been actively looking for indicators of the actor and will confirm that we discovered malicious SolarWinds binaries within our surroundings, which we isolated and removed,” Microsoft said in a statement.
“We have not discovered evidence of access to production services or client data. Our investigations, which are ongoing, have found zero indications that our systems were used to attack other people,” the firm said.
The revelation comes following a new alarm by the Department of Homeland Security’s cyber arm Thursday revealing that Russian hackers suspected of a massive, ongoing intrusion effort into government agencies, private businesses, and critical infrastructure entities utilized various unidentified tactics – rather than merely one compromised software application.
Hackers believed to be linked to Russia’s foreign intelligence service inserted malware into software upgrades for SolarWinds’ Orion IT infrastructure management software between March and June. This led to security breaches at the Treasury Department, the National Telecommunications and Information Administration, the Department of Homeland Security, and Lots of SolarWinds’ corporate customers.
A joint statement issued Wednesday night from the FBI, intelligence community, and cyber arm at the Department of Homeland Security formally acknowledged that the ongoing cyber effort had come to light within the past”a few days,” and was still busy.
The Cybersecurity and Infrastructure Security Agency said Thursday the SolarWinds Orion software vulnerability disclosed earlier this week is not the only way hackers compromised several online networks, warning that in some cases, victims seemed to have been breached despite having the complex applications.
For its part, Microsoft has identified over 40 of its customers worldwide that had debatable versions of this third-party IT management software, which were mainly targeted by the suspected Russian hacking effort revealed this week, the company stated in a blog article Thursday.
Microsoft said that 80 percent of those victims are in the U.S. while the rest are in seven different countries, including Canada, Mexico, Belgium, Spain, the United Kingdom, Israel, and the United Arab Emirates, together with Microsoft President Brad Smith noting it is”a certainty which the number and location of sufferers will keep growing.”