Suspected Russian Hack Extends Far Beyond SolarWinds Software, Investigators Say

/in


News Highlights: Suspected Russian Hack Extends Far Beyond SolarWinds Software, Investigators Say.

Almost a third of the victims have it

SolarWinds Corp.

SWI 0.24%

software initially considered the main attack route for the hackers, according to investigators and the government agency who looked into the incident. The revelation sparks concerns that the episode exploited vulnerabilities in enterprise software used by millions every day.

SHARE YOUR THOUGHTS

What changes do you think the U.S. government and businesses may need to make to protect data? Join the conversation below.

Hackers linked to the attack have broken into these systems by exploiting known bugs in software products, guessing passwords online, and responding to a variety of issues in the way

Microsoft Corp.’s

MSFT -2.92%

According to the researchers, cloud-based software has been configured.

About 30% of both private and government victims linked to the campaign had no direct affiliation with SolarWinds, Brandon Wales, acting director of the Cybersecurity and Infrastructure Security Agency, said in an interview.

The attackers “gained access to their targets in various ways. This adversary has been creative, ”said Mr. Wales, whose agency, part of the United States Department of Homeland Security, is coordinating the government’s response. “It is absolutely correct that this campaign should not be viewed as the SolarWinds campaign.”

Brandon Wales, acting director of the Cybersecurity and Infrastructure Security Agency, at a Senate subcommittee hearing in December.

Photo:

Rod Lamkey – Cnp / Zuma Press

Company investigators come to the same conclusion. Last week, computer security company Malwarebytes Inc. that some of his Microsoft cloud email accounts were compromised by the same attackers which SolarWinds attacked, using what Malwarebytes called “another intrusion vector.” The hackers broke into a Malwarebytes Microsoft Office 365 account and took advantage of a loophole in the software’s configuration to access a greater number of email accounts, Malwarebytes said. The company said it does not use SolarWinds software.

The incident showed how advanced attackers could jump from one cloud…

Source…