SolarWinds Cyberattacks, Microsoft’s Turn?

The ‘SolarWinds hack’ has emerged as one of the biggest cyberattacks against the US government, its agencies, and several other private companies, so much so that it has been said the world is under global cyber attack.  

According to Microsoft’s president, Brad Smith, more victims are expected to surface as investigations continue. 

Government departments and private organizations all across the globe are facing difficulties in disabling the compromised SolarWinds products from their systems. 

Intelligences investigating the matter, have named the hack ‘Sunburst’, saying that it will take years to fully decipher these cyber-attacks including the attack vectors and the origin. In this regard, Smith further stated, “We should all be prepared for stories about additional victims in the public sector and other enterprises and organizations.” 

Furthermore, he said that Microsoft has already notified 40 of its security customers that its products are being found to be compromised. The malicious actors are seen to be targeting them “more precisely and breaching the security through additional and sophisticated measures”. Experts have predicted the continuity of the attacks, saying more victims are likely to come up. 

As per the researchers, approximately 80 percent of these customers were located in the United States, while others were from Mexico and Canada in North America, Spain, Belgium, and the United Kingdom in Europe, and UAE and Israel in the Middle East. 

Attackers have targeted the government agencies, security and other technology firms, and private organizations of the abovementioned nations. 

However, above all, the campaign is “effectively an attack on the United States and its government and other critical institutions,” Smith warned. So far, six federal entities have been attacked: the Department of Energy, The Pentagon, the National Institute of Health, the Department of Homeland Security the Department of Treasury, and the Department of Commerce. 

The information about the attack has come from the U.S. Cybersecurity and Infrastructure Security Agency (CISA) as the agency warned government and non-government agencies that there could be additional initial-access vectors, beyond the SolarWinds Orion platform. 

Sources from Reuters told that the malicious actors used Microsoft’s Azure cloud as part of their attacks, however, a Microsoft spokesperson denied this by saying that “there are no indications that our systems were used to attack others’’