SolarWinds Attack Update: Russian Hackers Breached 250 US Agencies and Top Companies – E Hacking News
More than 250 US Federal Agencies and big companies have been attacked by alleged state-sponsored Russian hackers. The attackers gained access by hacking into ‘SolarWinds Orion’ management and monitoring software. The hack was much worse than what I expected, says US Senator Mark Warner according to New York Times report. The scale of the attack keeps increasing, it’s evident that the US government failed to detect the attack. As per the report, companies like Amazon and Microsoft who offer cloud-based services, now investigate further to find evidence.
According to Microsoft, hackers exploited the SolarWinds software which allowed them to copy user accounts of the company, some of which were top-level individual accounts. Microsoft found unusual activity in a few company accounts and upon investigation, it found that hackers used one account to access source code in multiple source codes repositories. Besides this, Microsoft confirms that the account didn’t allow hackers to change code or modify engineering systems.
According to the reports, it suggests that few breached SolarWinds softwares were modified in Eastern Europe. Cybersecurity experts and federal officers currently investigate if the large scale attack operated from areas where Russian intelligence is deeply embedded.