Hackers behind the Solarwind Supply Chain Attack managed to access the internal source code of the Microsoft.
Gouri J S
Building 92 on the Microsoft Redmond Campus | source: Wikipedia
Hackers behind the Solarwind Supply Chain Attack managed to access the internal source code of the Microsoft but was unable to compromise or modify any of their softwares, said the US tech giant.
The news of the attack came to light as part of the internal investigation on the Solarwind incident and investigation on the current issue is going on. It is one of the thousands of companies that discovered malwares on their networks via Orion updates.
Microsoft also highlighted that the hackers although viewed the source code, did not use it to reach production system, customer data or use Microsoft products to attack the customers.
On December 17, Microsoft admitted that they had used IT monitoring platform, Solarwinds for their internal network.
The source code of several Microsoft products - Windows 10, Windows XP, Windows 2000, Windows Server 2013, Windows NT & Xbox were leaked online in previous years after which they made approaches to source code privacy. The US Attorney General and the Secretary of State Mike Pompeo have attributed the attack to Russian led attackers.
The Cybersecurity and Infrastructure Security Agency (CISA) said that several US governmental agencies and private organizations had been exposed in the cyber attack.