Communications of the ACM

ACM TechNews

Suspected Russian Hack Extends Far Beyond SolarWinds Software, Investigators Say



Investigators probing a massive hack of the U.S. government and businesses say they have evidence the suspected Russian espionage operation went far beyond the compromise of SolarWinds.

Credit: CRN.com

Federal investigators say there is concrete evidence that the suspected Russian hack of U.S. government and businesses went beyond compromising SolarWinds Corp.'s software, which has been considered the main avenue of attack.

The Cybersecurity and Infrastructure Security Agency's Brandon Wales said about 30% of both private-sector and government victims had no direct connection to SolarWinds.

This comes after Malwarebytes Inc., which does not use SolarWinds software, reported that some of its Microsoft cloud email accounts were compromised by the same attackers using "another intrusion vector."

Investigators say the hackers leveraged known Microsoft configuration issues to obtain access to emails and documents stored on the cloud.

A source indicated SolarWinds is investigating whether Microsoft's cloud was the hackers' initial entry point into its network.

Said Wales, "We continue to maintain that this is an espionage campaign designed for long-term intelligence collection."

From The Wall Street Journal

Abstracts Copyright © 2021 SmithBucklin, Washington, DC, USA


 
