Yahoo Finance Microsoft reveals that SolarWinds hackers accessed its source code
The hackers behind a massive cyber-attack on US government networks were also able to break into Microsoft and view some of its source code, the company has disclosed.
Microsoft's security team said on Thursday that its investigation into the devastating SolarWinds hack had uncovered covert activity in its central software repositories, where it keeps the authoritative text of its software.
It said that it had found no evidence of Microsoft systems being used to attack anyone else, and that its programs are designed to remain secure even if the attacker already has access to their code.
Even so, the ubiquity of Microsoft's products in offices across the world and the widespread use of its security service by companies, politicians and government agencies, raises worrying questions about the hackers' long-term goals.
It comes after a US Senate committee revealed that the months-long campaign, which Western spies have pinned on an infamous Russian state-backed group nicknamed "Cozy Bear" group, may have begun even earlier than March 2019.
At least six US government agencies and thousands of companies including Deloitte and Cisco were compromised using a loophole in software made by SolarWinds, a Texas-based company that runs computer networks across the world.
Microsoft said: "Our investigation into our own environment has found no evidence of access to production services or customer data... [and] no indications that our systems were used to attack others...
"Our investigation has, however, revealed attempted activities beyond just the presence of malicious SolarWinds code in our environment. This activity has not put at risk the security of our services or any customer data, but we want to be transparent and share what we’re learning as we combat what we believe is a very sophisticated nation-state actor.
"We detected unusual activity with a small number of internal accounts and upon review, we discovered one account had been used to view source code in a number of source code repositories.
"The account did not have permissions to modify any code or engineering systems and our investigation further confirmed no changes were made."
Microsoft did not say which programs the hackers had seen. According to Reuters, some of Microsoft's authorised software resellers were themselves used as a stepping stone into computer systems that did not use any SolarWinds products.
Over the course of nine months, the hackers were able to steal data, intercept emails and even make off with custom hacking tools used by the cybersecurity firm FireEye to test its clients' defences.
The British Ministry of Defence, the Home Office, GCHQ and some NHS trusts have also used SolarWinds software, and British spooks are investigating whether they were targeted.
The incoming US President, Joe Biden, has suggested that he may launch retaliatory cyber-attacks against Russia, as his predecessor Donald Trump did in response to Russian meddling during the 2018 US midterm elections.
