Networks using SolarWinds’ Orion network management tools are seriously under threat. Various organizations are still grappling with the impact of a massive hacking campaign used to undermine networks.
Although Microsoft said that there were no evidence hackers succeeded in stealing customer data or used its systems to hack other companies, the company confirmed that it found compromised SolarWinds code in its systems.
A report from Reuters said the NSA sent out a cybersecurity advisory that referenced Microsoft products like Azure and Active Directory as tools that attackers used to gain access to other resources.
Microsoft said it found malicious binaries but found no proof that anyone had accessed production services or customer data. Another report said that Microsoft cloud offerings were used by hackers in the attacks but Microsoft debunked that claim, saying there is no evidence of that.
However, Cybersecurity and Infrastructure Agency (CISA) said it has evidence of additional access vectors beyond the Orion platform, and the backdoor it contained, dubbed Sunburst or Solarigate.
Microsoft’s response was that even though it found malicious SolarWinds binaries in its environment, the team had isolated the threat and removed it, so there’s no cause for alarm. But the company also intimated that its investigations are ongoing.
These rampant occurrences have made cybersecurity experts say that 2020 will go down on a low note in the IT and cybersecurity community. There are various reports of US government agencies suffering from the effects of cybersecurity in recent weeks.
Some commentators think that hackers have been able to compromise and infiltrate organizations and institutions, and the number of victims keeps increasing.
It is normal for a company like Microsoft not to admit what may mean the end of business for it, the company has not really responded on how and why it is possible for its software and services to be infiltrated.