As Microsoft continues to investigate the major SolarWinds attack, the company says it has discovered that "beyond just the presence of malicious SolarWinds code," its systems have been compromised. Microsoft says that hackers were able to "view source code in a number of source code repositories," in an update from its Security Response Center, but that the hacked account granting such access did not have permission to change any code or systems.
Although Microsoft points to "a very sophisticated actor of the nation-state" as the culprit, Russia has been implicated by the US government and cybersecurity officials as the architects of the overall SolarWinds assault. An extensive list of sensitive organizations was exposed by the attack, and today's Microsoft disclosure indicates that we will still be unraveling the effects of the attack for weeks and months to come.
"Fortunately, while hackers went deeper than previously known, Microsoft says it discovered "no proof of access to production services or customer data," and "no evidence that our systems were used to target anyone.In addition, the company says that it frequently believes that its source code can be interpreted by adversaries and does not rely on source code confidentiality to keep its goods secure. How much code was viewed or what the exposed code was used for was not revealed by Microsoft.
Microsoft President Brad Smith said earlier this month that the attack was a "moment of reckoning" and cautioned about its threat. 'This is not' surveillance as usual,' said Smith. "In effect, this is not just an attack on specific targets, but on the confidence and reliability of the critical infrastructure of the world in order to advance the intelligence agency of one nation."