Federal investigators say there is concrete evidence that the suspected Russian hack of U.S. government and businesses went beyond compromising SolarWinds Corp.'s software, which has been considered the main avenue of attack.
The Cybersecurity and Infrastructure Security Agency's Brandon Wales said about 30% of both private-sector and government victims had no direct connection to SolarWinds.
This comes after Malwarebytes Inc., which does not use SolarWinds software, reported that some of its Microsoft cloud email accounts were compromised by the same attackers using "another intrusion vector."
Investigators say the hackers leveraged known Microsoft configuration issues to obtain access to emails and documents stored on the cloud.
A source indicated SolarWinds is investigating whether Microsoft's cloud was the hackers' initial entry point into its network.
Said Wales, "We continue to maintain that this is an espionage campaign designed for long-term intelligence collection."
From The Wall Street Journal
Abstracts Copyright © 2021 SmithBucklin, Washington, DC, USA