Microsoft has just completed its internal investigation, carried out following the attack it suffered from SolarWinds hackers. The publisher confirms that the latter did not access either production systems or customer data. And he found no clue that his systems could have served as a springboard to attack other organizations. The bad news is that the hackers were able to access a ” Small party “ source codes from Azure (cloud offering), Intune (mobile device manager) and Exchange (email).
The hackers were apparently looking for secret codes and identifiers. But there was none. “Our development policy prohibits the integration of secret codes and we have automated tools that allow this to be verified”Microsoft points out in a blog post.
For its part, the US government has indicated that the SolarWinds attack has claimed more than a hundred victims in the private sector alone. In addition, intrusions into nine federal agencies have been confirmed. The attack was so sophisticated that it must have required “Months of preparation”, said Anne Neuberger, cybersecurity adviser at the White House, during a press conference. For its part, Microsoft estimated that this campaign must have mobilized more than a thousand developers.
Source: Sécurité – 01net by www.01net.com.
*The article has been translated based on the content of Sécurité – 01net by www.01net.com. If there is any problem regarding the content, copyright, please leave a report below the article. We will try to process as quickly as possible to protect the rights of the author. Thank you very much!
*We just want readers to access information more quickly and easily with other multilingual content, instead of information only available in a certain language.
*We always respect the copyright of the content of the author and always include the original link of the source article.If the author disagrees, just leave the report below the article, the article will be edited or deleted at the request of the author. Thanks very much! Best regards!