Microsoft also had its own products leveraged to attack victims, said people familiar with the matter. — Reuters pic
Microsoft also had its own products leveraged to attack victims, said people familiar with the matter. The US National Security Agency issued a rare “cybersecurity advisory” yesterday detailing how certain Microsoft Azure cloud services may have been compromised by hackers and directing users to lock down their systems.
Both Microsoft and the DHS, which earlier yesterday said the hackers used multiple methods of entry, are continuing to investigate.The US Energy Department also said it has evidence hackers gained access to its networks as part of the campaign. Politico had earlier reported the National Nuclear Security Administration , which manages the country's nuclear weapons stockpile, was targeted.
CISA urged investigators not to assume their organisations were safe if they did not use recent versions of the SolarWinds software, while also pointing out that the hackers did not exploit every network they gained access too. But the attackers might have installed additional ways of maintaining access, CISA said, in what some have called the biggest hack in a decade.
But the attackers are very careful and have deleted logs, or electronic footprints or which files they have accessed, security experts said. That makes it hard to know what has been taken.