Microsoft: SolarWinds hackers continue attacking tech companies

Texas News Today

The Russia-linked hackers behind last year’s compromise of a wide range of US government agencies and private-sector companies, including SolarWinds, have intensified their attacks in recent months, breaching tech companies to steal sensitive information, cybersecurity experts say.

In a campaign in May this year, the hackers targeted more than 140 tech companies, including those that manage or resell cloud computing services, according to new Microsoft research.


According to Microsoft, the attacks on 14 of these tech companies were successful, involving crude techniques such as phishing and guessing user passwords in hopes of accessing the system.

According to a blog post, Tom Burt, corporate vice president of customer security and trust at Microsoft, said: This was provided by Microsoft ahead of the announcement on Monday.

According to security experts, last year’s SolarWinds incident showed that a breach of one of the most widely used links in the technology supply chain can be the starting point for further attacks. In April, the Biden administration punished Moscow with financial sanctions and diplomatic expulsions over the attack and other malicious cyber activity, after government officials attributed it to Russia’s foreign intelligence service.

This has not deterred the hackers. Microsoft says it has seen 22,868 clusters linked to SolarWinds attacks targeting 609 companies between July 1 and October 19 this year. According to Burt, this is more than Microsoft has seen in the past three years from all government-linked hackers.

The SolarWinds intrusion, undetected for more than a year, was part of a hacking campaign that gave intruders a foothold in at least nine federal agencies and 100 private-sector entities. Microsoft itself and cybersecurity firm FireEye were compromised during the incident.

However, not all intrusions are related to SolarWinds software. Government officials say 30% of victims did not use SolarWinds products.

This hack is considered to be one of the worst US intelligence failures in years. Moscow has denied involvement. A representative for the Russian embassy in Washington did not immediately respond to a message seeking comment.

The latest disclosure of Russia’s alleged activity comes as the Biden administration is trying to mitigate Moscow’s cyber attacks in a variety of ways, including ongoing bilateral meetings aimed at addressing the plethora of ransomware attacks against critical US infrastructure and businesses from Russian cybercriminals. Officials have expressed differing views on whether Moscow has acted against these criminal groups in response to US pressure.

US government officials commenting on Microsoft’s findings pointed out that the recent infiltration attempts appear to be mainly routine hacking tradecraft from Russia.

“Based on the description of Microsoft’s blog, the activity described is the operation of a factory for the purpose of crude password spraying, phishing and surveillance, which is being attempted daily by Russia and other foreign governments,” the US government official said.

Referring to an account feature that requires a code sent to a phone or other device to verify a login, the official said the intrusion efforts could have been stopped if the cloud service providers had implemented foundational cybersecurity practices, including multi-factor authentication.

Network management software vendor SolarWinds does not know how it was initially compromised, but company executives and investigators say the first entry point may have been the same crude techniques that Microsoft observed in this recent activity.

Supply chain cybersecurity has attracted unprecedented interest in Washington over the past few months, partly due to the devastating and widespread consequences of the SolarWinds breaches. Last week, the US House of Representatives passed a bill, 412-2, that would require the Department of Homeland Security to issue guidance for federal contractors to submit details of the software in their supply chains, including the origin of the technology, to DHS for review.

The congressional action follows an executive order signed by President Biden in May. The order was also shaped by the SolarWinds breach and created baseline cybersecurity standards for US agencies and their software contractors, including obligations to use multi-factor authentication and data encryption.

“The SolarWinds incident was a turning point for our country,” Gen. Paul Nakasone, director of the National Security Agency and US Cyber Command, told a meeting earlier this month, adding that it was a serious intrusion by foreign enemies trying to harm the country.

Write to Robert McMillan at [email protected] and Dustin Volz at [email protected]

Copyright © 2021 Dow Jones & Company, Inc. All rights reserved.

