Reportedly, Russia is responsible for the SolarWinds cyber security attacks that recently broke into Microsoft secured files. The hacking group reportedly accessed a portion of Microsoft’s source code. The tech company reported the hacking incident on Thursday. According to cybersecurity specialists, this latest cyber-security attack sends a worrying warning about these criminal hackers’ ambition.
It is not clear how much, or what parts, of Microsoft’s source code the hackers infiltrated and stole. Yet, the disclosure proposes they used software company SolarWinds as a springboard to break into sensitive U.S. government networks. Along with the added interest of compromising the inner workings of Microsoft products too.
About Microsoft Cyber-attack
Source code contains private info for a company that’s created by a web developer. It is the fundamental arrangement of instructions that run a piece of programming or operating system. This is the blueprint of how a software is built with critical details. A source code is commonly one of the most closely guarded secrets of a technology company. Likewise, Microsoft has always protected theirs with profound caution.
Unfortunately, this could not deter the hacking group as Microsoft admitted that this kind of advanced cyber attack is a whole new concept. The SolarWinds hack is among the most aggressive and ambitious cyber security breach in the last decade.
The result of this cyber security attack have left at least half-a-dozen federal agencies, and thousands of other businesses heavily compromised. Reports from these organizations states that security analysts are currently sorting through logs to comprehend the dept of this malicious cyber attack. Some organizations are on the hunt to hire ethical hackers to plug loopholes. Thus, preventing private files information from being altered or stolen in the future.
Microsoft reported that the criminal hackers were unable to modify their source code. This they stated would have yield potentially disastrous consequences given the pervasiveness of Microsoft products. Especially, it’s Microsoft’s Office suite to its very own operating system. With the cybersecurity hack, the code could have given the hackers insight to subvert Microsoft services. The company stated that its blueprint in the hands of cyber criminals could make it easier to orchestrate devastating cyber attacks.
One cybersecurity analyst, Matt Tait, concurred that the source code could be used as a guide to help hack Microsoft products utilized by regular consumers. However, Tait advised that components of the organization’s source code were already widely shared by IT technicians, and even with foreign governments. Microsoft had not confirmed if cryptographic keys or passwords were embedded in its source code.
Certified Ethical Hackers Protect Businesses
Microsoft historically protects its databases with the latest protection against cyber-attacks. Therefore, this latest cyber breach will not gravely affect customers since the necessary security was in place. Previously, Microsoft asserted that they’ve found no proof of business clients data being used by others, or breach of any private database.
However, Reuters reported that Microsoft-approved affiliates hacked accounts granted the criminal hackers access to private and confidential emails. Microsoft later acknowledged that some of its vendors access were misused by the hackers.
The SolarWinds hacking orchestrated by Russian hackers is being investigated by the FBI, and the Department of Homeland Security, along with the Cybersecurity and Infrastructure Security Agency.
However, the SolarWinds hacking campaign traced to Russia by the FBI was denied by the Kremlin.
Both Tait and Ronen Slavin, Cycode’s chief technology officer, said one key unanswered inquiry was which source code repositories the hackers breached. Due to Microsoft’s wide range of products, popular or relatively new, the hacked products remain a mystery.
Companies are now on the alert as the SolarWinds hackers could utilized Microsoft’s source code as a preface to launch more ambitious cyber attack. The critical question is still unanswered – Is this target practice for a devastating cyber-attack on the next big corporation?
However, with more advance cyber attacks unleashed for 2021, companies must protect their assets. To keep organizations safe, they must hire a ethical hacker to protect private files from the hands of cyber criminals.