Microsoft Reveals Massive Breach

Microsoft announced that dozens of its customers, including all over the world, were targeted as part of a cyberattack on US government institutions.

Microsoft announced that dozens of its customers, including all over the world, were targeted as part of a cyberattack on US government institutions.

Microsoft and 40 clients including a US nuclear weapons agency and at least three states were breached.

Around 80% of the clients were based in the US while the rest are in Canada, Mexico, Belgium, Spain, the United Kingdom, Israel, and the United Arab Emirates.

Microsoft reported detecting a malicious version of Orion, a software from SolarWinds inside the company said there was not yet any evidence hackers had used Microsoft systems to attack customers.

“Like other SolarWinds customers, we have been actively looking for indicators of this actor and can confirm that we detected malicious Solar Winds binaries in our environment, which we isolated and removed,” said Microsoft.

In response to the breach, the US National Security Agency (NSA) issued a rare “cyber-security advisory” stating that Microsoft Azure cloud services may have been compromised by hackers and directing all users to secure their systems.

Only the Federal Energy Regulatory Commission (FERC), Sandia and Los Alamos national laboratories, the Office of Secure Transportation, and the Richland Field Office of the Energy Department have confirmed monitoring suspicious activity so far.

It is not yet clear whether the hackers had been able to access any data on those networks or have leaked them publicly.  

The Cybersecurity and Infrastructure Security Agency (CISA) the intrusion began last March and had compromised federal agencies as well as “critical infrastructure.”


© Fourth Estate® — All Rights Reserved.
This material may not be published, broadcast, rewritten or redistributed.