The year 2020 ended with one of the most extensive and sophisticated attacks in cybersecurity history. Microsoft has revealed that the latest update to the Orion software, used to monitor and manage networks, included a backdoor. In this way, more than 17,000 customers have been affected, including the Pentagon, government agencies and hundreds of multinationals.
Although Microsoft discovered the flaw through audits of several of its customers, the company had not been affected … Until now. Apparently, those in Redmond also use software developed by SolarWinds. In this way, several hackers were able to access the source code developed by the company, although the scope is unknown.
Initial phase of the Solorigate attack
Microsoft says this attack poses no risk to its customers
Those at Redmond confirm that the attackers were able to “see the source code in a number of repositories.” However, they do not indicate how many repositories they have accessed, or what enterprise software this would affect. The reason could be that the attack is still under investigation, so we may continue to receive information about the scope in the months to come.
What Microsoft has confirmed is that the hacked account would not have permission to modify any code or system. In this way, we see how something as simple as properly configuring user permissions can save us from a much bigger disaster. The company also reassures customers by confirming that no customer or service data has been consulted.
In addition, Microsoft states that access to the code does not in itself pose a risk to customer security. The company assumes that its competitors can access its code and does not make the confidentiality of this code a basis of security. In fact, the biggest example is open source software, where the supply of the code is not tied to less security.