Microsoft Details How SolarWinds Was The World's Largest And Most Sophisticated Security Hack
Since December, a breach at I.T. administration and monitoring software company SolarWinds
has been unfurling to reveal several serious security issues
. Many companies and government organizations had data accessed and perhaps even stolen. Now, in an interview that gave an interesting insight into the situation, Microsoft
's president Brad Smith called the hack the "largest and most sophisticated attack the world has ever seen."
SolarWinds Orion, as CBS's 60 Minutes explains, is "one of the most ubiquitous software products you probably never heard of, but to thousands of I.T. departments worldwide, it's indispensable." The software, which simplified I.T. administration and management, touted customers such as the U.S. Government, Microsoft, and others. This software, however, became a single point of failure for all of these groups. Since SolarWinds Orion was breached, the attackers infected and opened up a backdoor to 18,000 SolarWinds Orion customers worldwide, according to Smith.
Microsoft's Estimated Attack Timeline For SolarWinds Hack (click to enlarge)
Not only was the initial attack bad, but cleaning up in the aftermath was potentially as bad and perhaps even scarier. We began to see stolen source code
from companies pop up for sale, among other issues. While this was occurring, Microsoft assigned 500 engineers to dig into the attack. One of these engineers "compared it to a Rembrandt painting, the closer they looked, the more details emerged." After analyzing everything they could, as Smith explains
, Microsoft determined that over 1,000 engineers probably worked on the attack before the attackers unleashed it.
Now, Microsoft believes that these attacks are continuing in the background after hackers opened up the backdoors. As it stands, security researchers believe that the most amount of damage has already been done, but this could also only be the tip of the iceberg. Ultimately, we will have to see if anything more comes of this, so keep an eye on HotHardware
for developments on the SolarWinds Orion hack.