The cyberattack began in March, with hackers taking advantage of an update to surveillance software developed by a Texas company and used by tens of thousands of businesses and governments across the country. world.
Microsoft acknowledged, Thursday, December 31, that the hackers behind the gigantic cyberattack which targeted systems of the US government and private companies had gone further in its network than what the software giant had previously recognized.
These hackers, suspected of being linked to the Russia by the American authorities, had access to the computer code (source code), important key for its system, of the company by hacking the account of an employee, specifies the group in a blog post. The attack, which went further than Microsoft initially thought, did not however compromise or modify any of its software, the company assures.
“We detected unusual activity on a small number of internal accounts and upon verification found that an account had been used to view the source code in a number of repositories, “Microsoft revealed on its security blog. And to clarify:
“The account did not have the authorization to modify the code or the engineering systems and our investigation then confirmed that no modifications had been made. These accounts have been reviewed and amended. “
According to Microsoft, this” has not endangered the security of our services or customer data, but we want to be transparent and share what we have learned as we let’s fight what we think is a very sophisticated state actor ”. Microsoft had previously identified “malicious SolarWinds applications” in its systems.
Cyber attack launched in March
The cyberattack was launched last March, according to information from the US government, the hackers taking advantage of an update to surveillance software developed by Texas-based SolarWinds, used by tens of thousands of businesses and governments around the world.
In mid-December, this attack hit the computer systems of US government agencies, including the departments of State, Commerce, the Treasury, internal security and national health institutes.
Foreign Minister Mike Pompeo and then Justice Minister Bill Barr, relatives of Donald Trump, said Moscow was behind the cyberattack, an opinion not shared by the US president. Mr. Trump has indeed downplayed the operation and the supposed role of Russia.