
Microsoft sounds alarm bells about SolarWinds cyberattack



This week a sophisticated cyberattack against SolarWinds set off alarms in the United States, since the company provides IT solutions not only to large companies in the country but also to government organizations such as NASA, the Pentagon, and the air forces.



Just yesterday the US nuclear weapons agency confirmed that it had been hacked in the attack on SolarWinds. At the same time, Microsoft also confirmed that its systems had been exposed to the malware. Brad Smith, president of the company, wrote in detail about how serious the problem is and how they have identified victims in Canada, Mexico, Belgium, Spain, the United Kingdom, Israel and the United Arab Emirates.



"We need a robust and global cybersecurity response"







Microsoft explained that, like other SolarWinds customers, it has been looking for indications of the malware and found malicious binaries in its environment, which it managed to isolate and eliminate. The company says it has so far found no evidence that its customer data or production services have been accessed.



However, this week Microsoft has also been notifying more than 40 customers that the attackers targeted them more precisely and compromised them through more sophisticated methods.












Although approximately 80% of those clients are in the United States, the company has identified more victims in the rest of the world and expects the number of those affected to continue growing and to spread to more countries.




According to Brad Smith, this attack represents a serious technological vulnerability for the United States and the world.









Map showing clients affected by malware in Orion - Image from Microsoft



Smith therefore warns that this is a very wide-ranging attack and that it is still going on. Microsoft's research so far concludes that it is "an attack notable for its range, sophistication and impact".



The president of Microsoft believes that "it is not just an attack on specific targets, but on the trust and reliability of the world's critical infrastructure to advance a nation's intelligence agency." Although Smith does not go so far as to explicitly accuse Russia, he does leave on the table that they believe there is indisputable evidence about the origin of these attacks.



Smith quoted FireEye CEO Kevin Mandia, who after revealing the recent attack said they were "witnessing an attack by a nation with first-rate offensive capabilities".













While Microsoft security experts help with the response, we have come to the same conclusion. Unfortunately, the attack represents a large and successful spy-based assault on both the confidential information of the United States Government and the technological tools used by companies to protect them. The attack is ongoing and is being actively investigated and addressed by public and private sector security teams, including Microsoft.




This attack directly targeted SolarWinds' Orion network management and monitoring system. It is believed that a back door was introduced with the last update in March 2020 that compromised Orion and thus the infrastructure of the companies that use it.



Of those companies, 425 are part of the Fortune 500, from the 10 largest telecommunications companies to the five United States military agencies. As SolarWinds reported, the attackers installed their malware in an Orion update that may have been installed by more than 17,000 customers.