Microsoft exec says attack is ‘ongoing,’ but company denies report that its products furthered the hack
Microsoft Corp. was breached as part of the massive hack that used a backdoor in SolarWinds software, as part of what the tech giant’s president called “effectively an attack on the United States.”
Reuters reported Thursday that after infiltrating Microsoft, hackers used its products to attack others.
While Microsoft MSFT, -0.96% officials confirmed the breach, they denied its products were used to further the hack.
“Like other SolarWinds customers, we have been actively looking for indicators of this actor and can confirm that we detected malicious SolarWinds binaries in our environment, which we isolated and removed,” Microsoft spokesman Frank Shaw said on Twitter. “We have not found evidence of access to production services or customer data. Our investigations, which are ongoing, have found absolutely no indications that our systems were used to attack others.”
In a blog post Thursday, Microsoft President Brad Smith said: “This latest cyber-assault is effectively an attack on the United States,” calling the hack “a moment of reckoning.”
The hack, which was first reported Sunday, may be the most widespread and most damaging ever to strike the U.S. The Cybersecurity and Infrastructure Security Agency said Thursday that “critical infrastructure” had been breached, and that the risk to government and private networks was “grave.”NOW PLAYING: ‘Personnel Is Policy’: Four Themes Emerge as Biden Selects Team00:0105:13Visit our Video Center
Roughly 18,000 companies — including the vast majority of S&P 500 SPX, -0.45% companies — and U.S. government agencies, such as Treasury and Commerce, were victims of the malware. SolarWinds SWI, -0.11% said Thursday it has already patched the software vulnerability. The Wall Street Journal reported Thursday that the hackers were extraordinarily stealthy and used never-before-seen hacking tools. The government and companies are still figuring out how much information has been compromised.
Smith said Microsoft’s cybersecurity team agrees with conclusions of FireEye FEYE, 8.27% CEO Kevin Mandia, who said a nation-state was most likely behind the attack. Russia is the prime suspect.
“The attack unfortunately represents a broad and successful espionage-based assault on both the confidential information of the U.S. government and the tech tools used by firms to protect them,” Smith said.
Smith warned that the attack is “ongoing,” and said at least seven other countries had been hit, including Canada, the U.K., Spain, Israel and the UAE. “It’s certain that the number and location of victims will keep growing,” he said.
“This is not ‘espionage as usual,’ even in the digital age,” Smith said. “Instead, it represents an act of recklessness that created a serious technological vulnerability for the United States and the world. In effect, this is not just an attack on specific targets, but on the trust and reliability of the world’s critical infrastructure.”
He called for a strong, coordinated global response to cyberattacks, from both private and public sectors, as well as holding nations accountable for cyberattacks.
“We live in a more dangerous world, and it requires a stronger and more coordinated response,” Smith wrote.