Microsoft said Thursday that the large-scale Russian cyberattack on U.S. government agencies and private companies went deeper into its network than the company previously disclosed.
While the hackers, suspected of working for the Russian intelligence agency SVR, did not appear to be using Microsoft’s systems to attack other victims, they were able to see Microsoft’s source code by hacking into an employee’s account, the company said.
Microsoft had previously said it was not violated in the attack, which compromised dozens of federal agencies, as well as businesses. Microsoft said its subsequent investigation found that hackers were unable to access the emails or its products and services, and that they were unable to modify the source code that they had consulted.
The Russian attack, which may be ongoing, appears to have started as early as October 2019. It was around this time that hackers first violated a Texas company called SolarWinds that provides surveillance services for the network to government agencies and 425 Fortune 500 companies. Commerce, Treasury, State, and Energy departments were all violated in the attack, as was FireEye, a large cybersecurity firm that first disclosed the violation this month.
Investigators are still trying to figure out what the hackers stole, but investigations by FireEye, Microsoft, Amazon and other companies have found that the attack could have a much broader scope than previously thought. origin. Last week, CrowdStrike, a competitor to FireEye, announced that he had also been targeted, unsuccessfully, by the same attackers. In this case, the hackers used Microsoft resellers, companies that sell software on Microsoft’s behalf, to try to gain access to its systems.
The Department of Homeland Security has confirmed that SolarWinds is one of several avenues the Russians use to attack US agencies, tech and cybersecurity companies.
President-elect Joseph R. Biden Jr. has accused President Trump of downplaying the hack. Mr. Trump privately called the attack a “hoax.” Publicly, he has suggested that China, not Russia, may have been the culprit – a finding that has been challenged by Secretary of State Mike Pompeo.
This is a developing story and will be updated.