Menu Close

Microsoft reveals about 40 organisations targeted in massive cyber breach

*Microsoft says the targeted cyber-attack represents a broad and successful espionage-based assault on both the confidential information of the US Government and the tech tools used by firms to protect them

Isola Moses | ConsumerConnect

Microsoft has said it identified more than 40 organisations that were targeted by attackers using “sophisticated measures.”

The tech giant stated in a blog post recently disclosed that most victims of the attack (80 percent) were located in the United States (US).

It said the other targeted groups were spread across seven other countries, including Canada, Mexico, Belgium, Spain, UK, Israel, and the United Arab Emirates (UAE). The company stated that has started working with the groups identified as victims.

According to Microsoft, those affected were running problematic versions of a third-party software platform called ‘SolarWinds Orion’.

Hackers were able to escalate intrusions with additional, second-stage payloads, it noted.

Microsoft further noted that it discovered the intrusions using data from its Microsoft Defender antivirus product, which is built into all Windows installations.

Microsoft President Brad Smith in a statement said: “It’s a certainty that the number and location of victims will keep growing.”

As regards the scope of the cyber-attack, Microsoft itself was among those targeted by hackers, but the company denied claims that its production systems were compromised or that the attack affected its business clientele and consumers.

Smith stated: “Like other SolarWinds customers, we have been actively looking for indicators of this actor and can confirm that we detected malicious Solar Winds binaries in our environment, which we isolated and removed.”

The attack, Microsoft noted the attack “represents a broad and successful espionage-based assault on both the confidential information of the US Government and the tech tools used by firms to protect them.”

The attack is being “actively investigated and addressed by cybersecurity teams in the public and private sectors, including Microsoft,” the statement said.

Smith said it’s become clear that stronger international rules are needed to help prevent future attacks of this magnitude.

“The defence of democracy requires that governments and technology companies work together in new and important ways – to share information, strengthen defenses and respond to attacks,” the company wrote.

It added: “As we put 2020 behind us, the new year provides a new opportunity to move forward on all these fronts.”

Kindly Share This Story

Kindly share this story