Hackers infiltrated the update of SolarWinds corporate software seized the Treasury Department’s email traffic. Microsoft is also among SolarWinds customers.
It was on the agenda that a cyber attack was made against the US Treasury Department and the email traffic was seized. Microsoft was also affected by the attack via a software update.
Malicious codes on Microsoft servers
As will be remembered, the hacker group that infiltrated the update of a corporate traffic tracking software called SolarWinds managed to inject malicious code. Email correspondence of employees of the US Treasury Department and Department of Commerce using this update was also seized.
Within the scope of the investigation, in which many security institutions were involved, it was determined that the SolarWinds software was also used by Microsoft and the Ministry might have been attacked through Azure systems.
After the warnings, Microsoft monitored its own servers and, as mentioned, noticed some malicious code associated with SolarWinds. The company said in a statement that it detected malicious codes, but that they did not cause any unauthorized access or data leakage. In other words, it was stated that Azure systems did not play a role in these attacks.
Microsoft president Brad Smith emphasizes that they have reached around 40 customers regarding the attack and that they may have infiltrated these companies with different sophisticated methods. Most of these companies are in the USA. The remaining part is in Europe and Asia. Microsoft is working on attack methods and states that they will be able to see the traces of the SolarWinds attack in more organizations in the coming days.
The CIA has deepened its research on the subject and links with the Russian state are suspected. However, the Russian government interpreted these claims as funny. Microsoft also states that it is working with 40 different customers to reduce the impact of cyber attacks.