Home > Phone > Microsoft reveals SolarWinds hackers gained access to its source code

Microsoft reveals SolarWinds hackers gained access to its source code


Microsoft recently revealed that it found found “malicious binaries” on its systems in the wake of the massive SolarWinds hack which targeted products such as Azure, but the company assured that no user data was compromised. However, it appears that the hackers went deeper into Microsoft’s systems than previously disclosed by the company. In an official blog post, the software giant has today divulged that the group behind the massive cybersecurity incident also got access to Microsoft source code.

Viewing source code isn’t tied to elevation of risk: Microsoft.

“We detected unusual activity with a small number of internal accounts and upon review, we discovered one account had been used to view source code in a number of source code repositories,”  the company said. Microsoft, however, assured that these accounts did not have the required privilege to be able to make changes to the source code, something that would have been catastrophic had it actually happened. “These accounts were investigated and remediated,” Microsoft adds. 

The company also noted that viewing its source code doesn’t pose any risk elevation threat, as the company is not dependent on how well the source code is protected for product security and that it already assumes that “attackers have knowledge of source code.” While Microsoft’s assurance might come as a sigh of relief, it also serves as a clear sign of how far-reaching the SolarWinds attack was which affected companies such as Intel, Nvidia, and VMWare to name a few. 

Microsoft assures no user data was compromised

Even though Microsoft has downplayed the risks, accessing the source code is no small thing in the world of cybersecurity. After all, it is the building block and a fundamental component of a program (or software), and having access to it makes it much easier to launch attacks.

Microsoft President Brad Smith recently called the attack ‘a moment of reckoning’ and noted that it should serve as a catalyst for more effective collaboration between tech companies and the government to launch a stronger and more coordinated global cybersecurity response. 

Nadeem Sarwar

I’ve been writing about consumer technology for over three years now, having worked with names such as NDTV and Beebom in the past. Aside from covering the latest news, I’ve reviewed my fair share of devices ranging from smartphones and laptops to smart home devices. I also have interviewed tech execs and appeared as a host in YouTube videos talking about the latest and greatest gadgets out there.

Source link

Hi guys, this is Kimmy, I started LicensetoBlog to help you with the latest updated news about the world with daily updates from all leading news sources. Beside, I love to write about several niches like health, business, finance, travel, automation, parenting and about other useful topics to keep you find the the original information on any particular topic. Hope you will find LicensetoBlog helpful in various ways. Keep blogging and help us grow as a community for internet lovers.