WASHINGTON (Reuters) – A burglary campaign that used a U.S. technology company as a springboard to compromise a series of U.S. government agencies is “the biggest and most sophisticated attack the world has ever seen,” Brad Smith said. president of Microsoft, said.
The operation, which was identified in December and which, according to the US government, was probably orchestrated by Russia, violated software manufactured by SolarWinds Corp., which gave hackers access to thousands of companies and government offices using its products.
The hackers gained access to e-mail from the US Treasury, Department of Justice and Commerce and other agencies.
Cybersecurity experts said it could take months to identify the compromised systems and dispel the hackers.
“I think from a software engineering perspective, it’s probably fair to say that this is the biggest and most sophisticated attack the world has ever seen,” Smith said in an interview on the CBS program on Sunday. ’60 Minutes’ was broadcast.
The breach could have endangered up to 18,000 SolarWinds customers who used the Orion network monitoring software and likely relied on hundreds of engineers.
“When we analyzed everything we saw at Microsoft, we asked ourselves how many engineers were probably working on these attacks. “And the answer we came up with was, surely, more than 1,000,” Smith said.
US intelligence services said last month that Russia was “probably” behind the breach of SolarWinds, which they said was apparently aimed at gathering intelligence rather than destructive acts.
Russia has denied responsibility for the burglary.
Reporting by Brad Heath; Edited by Heather Timmons and Peter Cooney