Microsoft has been investigating the SolarWinds data breach, scrutinizing the loopholes behind, and the damage caused by, the attack on the cybersecurity company, which happened in the wake of the 2020 pandemic. Although the infiltration of SolarWinds was shocking, Microsoft revealed that the culprits did not steal information that would let them access its customers' data.
Since the software company (Microsoft) discovered traces of unusual activity typical of the SolarWinds attack in its database in December 2020, it has been following up more keenly on the trail supposedly leading to the perpetrators.
Microsoft also announced the end of its SolarWinds investigation. The software tech company concluded with certainty that the hackers did not access SolarWinds' customer data.
Microsoft's conclusions indicated that the hackers did not launch a further attack to spread their malicious data to SolarWinds customers, which include several hundred private companies and federal agencies subscribed to its security services.
Nonetheless, other authorities, after a closer look at the nature of the cyberattack, believed otherwise. Supposedly, over 18,000 were affected, going by the number of SolarWinds customers that had updated to the latest security software version at the time.
The software tech company once confirmed that the hackers did access SolarWinds' source code, which could open the way to further access to its other customers.
However, the supposed suspects, that is, the bad actors who downloaded source code during the SolarWinds attack, could have access to the code of three products: Exchange (mail and calendar server), Azure (cloud computing service), and Intune (cloud-based management service), according to Microsoft's latest report.
According to the software tech company, the perpetrators accessed only a tiny fraction of files. Microsoft's investigation indicated that the hackers used "search terms," a directory, to seek out hidden company secrets.
The overwhelming cyberattack campaign started in October 2019, and suspicion has centred on SolarWinds because its "Orion network management tool" was used less than several times by the hackers. According to Microsoft's investigation analysis, the perpetrators accessed the files for the first time towards the end of November 2020.
SolarWinds lost access to its network and computer systems, as did Microsoft. Microsoft's fightback frightened the hackers, and the company has been on the trail since the wake of the attack. Microsoft regained access to its network in January 2021.
Microsoft is not the only victim caught up in the SolarWinds attack; others include Belkin's systems, NVIDIA, and Intel. The hackers also got to other tech companies such as Malwarebytes and Cisco, and government agencies such as the US Nuclear Security Administration and the US Department of Justice. In line with Kaspersky's investigation, the US government believes the Russian government initiated the attack to steal American information.
According to SolarWinds' latest report, the hackers developed malware equipped with hacking tools that look like they were created by Russian hacking groups sponsored by the Federal Security Service, commonly recognized as the KGB.