The Russia-linked SolarWinds cap, aimed at U.S. government agencies and private companies, could be even worse than officials first realized, with about 250 federal agencies and cases now believed to be the New York Times report.
Microsoft said the hackers compromised SolarWinds’ Orion monitoring and management software, enabling them to make an imitation of any of the organization’s existing users and accounts, including highly privileged accounts. ‘ The Times reports that Russia has used layers of the supply chain to gain access to the agencies’ systems.
The Times reported that early warning sensors that Cyber Command and the NSA placed in foreign networks to detect potential attacks apparently failed in this case. In addition, it seems likely that the U.S. government’s attention to protecting the November election against foreign hackers may have taken resources and focus from the software supply chain, according to the Times. And by carrying out the attack from the US, the hackers apparently made the detection by the Department of Homeland Security possible.
Microsoft said earlier this week that it had discovered that its systems had been infiltrated “outside the presence of malicious SolarWinds code.” The hackers were able to ‘see source code in a number of source code repositories’, but the hacked account granting access does not have permission to modify any code or systems. In a little bit of good news, however, Microsoft said that “no evidence of access to production services or customer data” was found, and that there was no indication that our systems had been used to attack others. ‘
Sen. Mark Warner (D-Virginia), a member of the Senate Intelligence Committee, told the Times the hood looks “much, much worse” than he first feared. “Its size still holds up,” he said. “It is clear that the US government has missed it.”