Both the US agency and Microsoft play down the danger, claiming they have activated the attack’s kill switch.
Microsoft and several US government agencies were caught in a massive hack after Russian spies managed to access SolarWinds’ monitoring software, Orion. Hackers added a trojan inside the monitoring tool, which gave them access to pretty much everything they needed: access the victim’s network, execute commands and read emails.
Microsoft representatives admitted that the company is an Orion user and had installed the infected version. However, there weren’t any signs that would point to unauthorized access of users’ data.
“Like other SolarWinds customers, we have been actively looking for indicators of this actor and can confirm that we detected malicious SolarWinds binaries in our environment, which we isolated and removed,” Frank Shaw, Microsoft’s comms veep, said in a statement. “We have found no evidence of access to production services or customer data. Our investigations, which are ongoing, have found absolutely no indicators that our systems were used to attack others.”
On the other hand, it is reported that the US government’s Dept of Energy’s National Nuclear Security Administration, which oversees the country’s nuclear stockpile, was also hacked by the Orion backdoor. A DOE spokesperson said: “At this point, the investigation has found that the malware has been isolated to business networks only, and has not impacted the mission essential national security functions of the department, including the National Nuclear Security Administration.”
The network monitoring software is used by 300k customers, of which at least 18k have downloaded and installed the infected binaries. These clients range from US and UK government institutions to Fortune 500 companies.
FireEye, a private company who was investigating the Orion hack, worked with GoDaddy and Microsoft to remotely trigger the kill switch that was implemented in the trojan.
Check the source.
- Most Companies Aren’t Ready For The Greatest Cyber Threat Of 2021 – RansomwareOne would think that ransomware, currently the most significant cyber threat out there, keeps all organizations on edge and […]
- Patch These 5 Vulnerabilities Now To Protect Your Company From Ransomware AttacksHackers are actively exploiting years-old security vulnerabilities to launch ransomware attacks because organizations skip on patching them. Some of […]
- Fileless And Encrypted Malware Saw Massive Growth in Q2 2021A new report analyzing malware trends in the second quarter of 2021 shows that cyber threats are becoming stealthier, […]
- Massive Phishing Attack Hits At Least 6,000 Coinbase UsersCrypto exchange Coinbase confirmed that funds were stolen from at least 6,000 accounts in a vast phishing attack this […]
- The 3 Top Ransomware Threats Might Surprise YouNo, it’s not Revil, Ragnar Locker, BlackMatter, or Conti to make it to the top three ransomware threats responsible […]