Michael Cardinal, FISM News
Microsoft cloud customers have been added to the list of those who may be compromised in the cyber-attack that started in the spring.
The suspected Russian hackers used reseller access from Microsoft Inc. to steal emails from at least one company. Jeff Jones, Microsoft’s senior director of communications, said that they have “found incidents involving abuse of credential to gain access,” but also added that “they have not identified any vulnerabilities or compromise of Microsoft products or cloud services.”
This new development adds to the breadth of a security intrusion that the U.S. Cybersecurity and Infrastructure Security Agency has said “poses a grave risk to the Federal Government” and other state and local agencies.
The attack was first found to be attached to a SolarWinds software update between March and June 2020. SolarWinds is a cybersecurity firm used by both government agencies and private companies whose software is designed to prevent these types of attacks. The malware that was attached to the update was sophisticated and has the earmarks of a “patient, well-resourced, and focused adversary.”
While only 18,000 of SolarWinds’ 300,000 customers appear to be affected, several government agencies have been breached, including the Commerce Department, Homeland Security, the Pentagon, the Treasury Department, and the US Postal Service, as well as several major private corporations.
The full scope of the breach may take some time to uncover, as those responsible had months to go through government systems and it is unknown what secrets were stolen. “It’s as if you wake up one morning and suddenly realize that a burglar has been going in and out of your house for the last 6 months,” stated Glenn Gerstel, former NSA General Counsel.