SolarWinds hacking campaign puts Microsoft in the hot seat
3 years, 8 months ago

SolarWinds hacking campaign puts Microsoft in the hot seat

Associated Press  

BOSTON — The sprawling hacking campaign deemed a grave threat to U.S. national security came to be known as SolarWinds, for the company whose software update was seeded by Russian intelligence agents with malware to penetrate sensitive government and private networks. The SolarWinds hackers took full advantage of what George Kurtz, CEO of top cybersecurity firm CrowdStrike, called “systematic weaknesses” in key elements of Microsoft code to mine at least nine U.S. government agencies — the departments of Justice and Treasury, among them — and more than 100 private companies and think tanks, including software and telecommunications providers. That set the hack apart as “a widespread intelligence coup.” In nearly every case of post-intrusion mischief, the intruders “silently moved through Microsoft products “vacuuming up emails and files from dozens of organizations.” Thanks in part to the carte blanche that victim networks granted the infected Solarwinds network management software in the form of administrative privileges, the intruders could move laterally across them, even jump among organizations. The campaign’s “hallmark” was the intruders’ ability to impersonate legitimate users and create counterfeit credentials that let them grab data stored remotely by Microsoft Office, the acting director of the Cybersecurity Infrastructure and Security Agency, Brandon Wales, told a mid-March congressional hearing. The OPM shared data across multiple agencies using Microsoft’s authentication architecture, granting access to more users than it safely should have, said Dukes, now the managing director for the nonprofit Center for Internet Security.

History of this topic

After searing Cyber Safety Review Board report, Microsoft tells employees that security comes first
7 months, 3 weeks ago
Scathing federal report rips Microsoft for shoddy security, insincerity in response to Chinese hack
8 months, 3 weeks ago
Scathing federal report rips Microsoft for shoddy security, insincerity in response to Chinese hack
8 months, 3 weeks ago
Security News This Week: Russian Hackers Stole Microsoft Source Code—and the Attack Isn’t Over
9 months, 2 weeks ago
Microsoft says state-backed Russian hackers accessed emails of senior leadership team members
11 months ago
US regulators sue SolarWinds and its security chief for alleged cyber neglect ahead of Russian hack
1 year, 1 month ago
Microsoft says Russia-linked hackers behind dozens of Teams phishing attacks
1 year, 4 months ago
Microsoft says China-linked hackers accessed government emails
1 year, 5 months ago
Microsoft: Russian-backed hackers targeting cloud services
3 years, 1 month ago
The Russian hacker group behind the SolarWinds attack is at it again, Microsoft says
3 years, 2 months ago
Microsoft: Russia behind 58% of detected state-backed hacks
3 years, 2 months ago
Russians Tied To The SolarWinds Cyberattack Hacked Federal Prosecutors, DOJ Says
3 years, 4 months ago
Microsoft says new breach discovered in probe of suspected SolarWinds hackers
3 years, 5 months ago
Microsoft Says Suspected SolarWinds Hackers Breached Its Customer Support Tools Also
3 years, 5 months ago
78% companies expect another SolarWinds-style hack, survey finds
3 years, 6 months ago
Russia's SVR hijacked email system of US aid agency to target NGOs, think tanks critical of Putin
3 years, 6 months ago
Biden budget sets aside $750 million for SolarWinds response
3 years, 6 months ago
Microsoft: SolarWinds hackers target 150 orgs with phishing
3 years, 6 months ago
Russian hack targeted USAID, human rights groups, Microsoft says
3 years, 6 months ago
SolarWinds hacking campaign puts Microsoft in hot seat
3 years, 8 months ago
Senators press for more on SolarWinds hack after AP report
3 years, 8 months ago
Hunting the hunters: How Russian hackers targeted US cyber first responders in SolarWinds breach
3 years, 8 months ago
AP sources: SolarWinds hack got emails of top DHS officials
3 years, 8 months ago
China’s Microsoft hack, Russia’s solar winds attack threaten to overwhelm US
3 years, 9 months ago
Microsoft server hack has victims hustling to stop intruders
3 years, 9 months ago
Accounts of thousands of Microsoft users around the world hacked, attack reportedly linked to China
3 years, 9 months ago
White House warns of ‘active threat’ from Microsoft email hackers
3 years, 9 months ago
Microsoft says Chinese hackers are exploiting mail server vulnerabilities
3 years, 9 months ago
Microsoft Says Chinese Hackers Targeted Groups via Server Software
3 years, 9 months ago
Microsoft failed to shore up defenses that could have limited SolarWinds hack -U.S. senator
3 years, 9 months ago
‘They may be in the system’: Questions remain on SolarWinds hack
3 years, 9 months ago
SolarWinds hack required massive, sophisticated effort
3 years, 10 months ago
Massive breach fuels calls for U.S. action on cybersecurity
3 years, 10 months ago
SolarWinds hack: Biden administration says investigation is likely to take ‘several months’
3 years, 10 months ago
Suspected Chinese hackers breach US government via SolarWinds bug
3 years, 10 months ago
SolarWinds hackers gave themselves top administrative privileges to spy on victims undetected, DHS says
3 years, 11 months ago
Hackers accessed our Microsoft O365 email server: US DOJ
3 years, 11 months ago
U.S. Justice Department says its emails were breached by SolarWinds hackers
3 years, 11 months ago
Opinion: The SolarWinds hack is stunning. Here’s what should be done
3 years, 11 months ago
SolarWinds hackers saw some of our source code: Microsoft
3 years, 11 months ago
Microsoft says hackers viewed source code, didn’t change it
3 years, 11 months ago
Microsoft says suspected Russian hackers accessed source code
3 years, 11 months ago
SolarWinds hack: Russian cybercriminals attack CrowdStrike, attempt to read emails
3 years, 11 months ago
U.S. Cyber Agency: SolarWinds Attack Hitting Local Governments
4 years ago
SolarWinds hack: US reaches out to intelligence alliance partners on suspected Russian hack
4 years ago
Massive SolarWinds hack has big businesses on high alert
4 years ago
Microsoft Confirms It Found Malicious Software From SolarWinds in Its Systems
4 years ago
U.S. cybersecurity agency warns of ‘grave threat’ to computer networks
4 years ago
Microsoft says it found malicious software in its systems
4 years ago

Discover Related