Microsoft Illustrates the Breadth and Depth of the SolarWinds Hack

Unless you have been hiding under an air-gapped rock, you know that the entire computing industry was set on fire this week with the announcement that the SolarWinds platform had been compromised. While we are starting to learn little bits of information about the scale and damage of this attack, Microsoft has begun to share what it has learned during the past few days.

Not long after the attack was made public, Microsoft began moving aggressively with nearly every tool in its arsenal to dig up new details and stop potential threats. This isn’t all that surprising: the company has an entire business unit devoted to these tasks that is running 24/7/365, but this attack is unlike anything we have seen in recent memory.

In a post, Brad Smith highlights some of the facts that SolarWinds has already shared, including that 17,000 customers were impacted by the breach, and also shares new data. Specifically, the hackers, stated to be Russian, have targeted 40 organizations, of which 80% are located in the United States.

Map showing hotspots of SolarWinds hacks being targeted – Image Credit: Microsoft

The targeted list includes not only government agencies but also security and other technology firms. One of the more well-known companies was FireEye, which announced that its system and tools had been accessed and stolen. Microsoft was said to be a victim of the attack as well, but the company has since denied that allegation.

The full scale and damage of this hack is far from being completely understood. Over the next weeks and months, more information will surface and damage will be announced by companies who were targeted in the attacks.

Security will continue to be an evergreen challenge, and as more sophisticated attacks continue to be uncovered, it’s imperative that IT Pros understand how and when to patch their environments.

2 responses to “Microsoft Illustrates the Breadth and Depth of the SolarWinds Hack”

  1. bluvg

    The SANS webcast about this is definitely worth a watch. Patching is certainly important, but in this case somewhat irrelevant, since it's a software supply chain hack. On top of that, it's for software that inherently has privileged access across the network--and typically more rights than necessary. Once in, apparently they were setting up unique infrastructure for each environment to maintain persistence. This was exceedingly difficult to protect against, since it's a trusted, signed binary, and the embedded malware only started phoning home 10-14 days after install. Defense in depth, zero-trust, rigorous threat modeling, etc. all come into play, but even then, the cards are stacked in favor of the attackers if they can pull off a Manchurian Candidate-like hack on this level.


    It's pretty amazing anyone caught it, actually. Now that they're in so many environments, removing all access is going to be quite ugly.

Brad Sams has more than a decade of writing and publishing experience under his belt, including helping to establish new and seasoned publications. From breaking news about upcoming Microsoft products to telling the story of how a billion dollar brand was birthed in his book, Beneath a Surface, Brad is a well-rounded journalist who has established himself as a trusted name in the industry.