CrowdStrike Slams Microsoft Over SolarWinds Hack

Feb 24, 2021 08:00 pm Cyber Security 206

CrowdStrike Slams Microsoft Over SolarWinds Hack

The United States Senate's select committee on intelligence met yesterday to hear evidence from tech executives regarding the historic hack on Texas-based company SolarWinds





Government agencies issued emergency directives in December after cybersecurity company FireEye detected a supply-chain attack trojanizing SolarWinds' Orion business software updates to distribute malware.





Using SolarWinds and Microsoft programs, hackers believed to have been working for Russia attacked nine federal agencies and around 100 American companies.





The committee heard that both the scale and sophistication of the attack were greater than had been previously thought. Microsoft president Brad Smith said the attack "was the largest and most sophisticated sort of operation that we have seen" and that he believed it was the work of “at least 1,000 very skilled, very capable engineers.”





The true impact of the attack may never be gauged as victims are only required by law to disclose cyber-attacks that expose individuals' private data. 





During the attack, hackers were able to read Microsoft's source code for how its programs authenticate users and then manipulate those programs to access new areas inside victims' networks. 





Smith said that this had been made possible not through any errors on Microsoft's part, but as the result of customers' configuration mistakes and other errors that meant "the keys to the safe and the car were left ..

Support the originator by clicking the read the rest link below.

crowdstrike slams microsoft solarwinds
Read The Rest from the original source
infosecurity-magazine.com

Related News

Be in Touch

All Rights Reserved #1 Source for Cyber Security News, Reports and Threat Intelligence
Powered By The Internet!!!!