As Microsoft continues to investigate the major SolarWinds attack, the organization claims it has found that its databases have been compromised beyond the presence of malicious SolarWinds code. In an update from its Security Response Centre, Microsoft says that hackers have been able to view source code in a number of source code repositories, but that the hacked account granting those access has not been able to view source code in a number of source code repositories.
Although Microsoft points out that a very sophisticated nation-state actor is the guilty party, the US government and cyber security officials have involved Russia as the architects of the SolarWinds attack.
The attack revealed a wide number of sensitive organisations, and today's Microsoft announcement shows that we're already going to unravel the effects of the attack for weeks and months to come.
Fortunately, Microsoft reports that although hackers have reached further than traditionally thought, they have found no evidence of access to production services or customer data and no evidence that our systems have been used to attack others. However, the organization states that it frequently believes adversaries are able to display its source code and does not depend on the secrecy of the source code to maintain its goods safe. Microsoft has not revealed how much technology has been viewed or what the exposed code is used for.
Earlier this month, Microsoft President Brad Smith said the attack was a time of reckoning and cautioned about its threat. It isn't 'espionage as usual,' said Smith. In effect, this is not just an attack on specific targets, but on the trust and reliability of the critical infrastructure in the world to advance a nation's intelligence agency.