Suspected Russian hacking campaign hit over 40 organizations, Microsoft says
S E E D E D C O N T E N T
The suspected Russian hacking campaign that has torn through the U.S. government zeroed in on more than 40 organizations, Microsoft's president said Thursday.
The campaign, which U.S. officials believe is the work of Russian intelligence, began at least as early as March, though it was discovered only last week, and has broken into multiple federal agencies.
A multi-agency statement described it this week as "ongoing," leaving open the question of how many organizations were compromised and how badly.
Microsoft's statement is the first to provide a detailed estimate of how widespread the hack is. While the company doesn't have total visibility into the hacking campaign, it has significant insight thanks to governments and corporations' use of Windows and its antivirus software, Defender.
In a blog post Thursday evening, the company's president, Brad Smith, said that of the more than 40 organizations it had identified as having been significantly impacted, 80 percent were in the U.S., but there were also victims in Belgium, Canada, Israel, Mexico, Spain, the U.A.E. and the United Kingdom.
While many victims were government agencies, companies that contract with governments or think tanks and information and technology companies were also frequently hit, Microsoft found.
The breadth of the campaign has been an open question because it had the opportunity to infect a staggeringly wide array of victims.
The hackers were able to get inside organizations by first breaking into SolarWinds, a relatively obscure technology company in Austin, Texas, that counts a number of U.S. government agencies and major corporations as customers. In March, the hackers were able to send poisoned software updates to all SolarWinds customers who used versions of its popular Orion platform, giving them a foothold into victims' systems.
In a Monday filing with the Securities and Exchange Commission, SolarWinds noted that approximately 33,000 customers likely downloaded the malicious software update, though it estimated the actual number of victims as "fewer than 18,000."
However, experts and U.S. officials had widely believed that Russia would only devote resources to hacking and secretly stealing information from a more targeted list of organizations.
Dmitri Alperovitch, co-founder of the cybersecurity firm CrowdStrike and chair of the Silverado Policy Accelerator, said in a previous interview that an intelligence agency wouldn't be able to fully exploit that many victims and instead would have to settle on the most valuable targets.
"The good news here, if you want to look for a silver lining, is no intelligence agency has enough human power to go after everyone," Alperovitch said Monday.
"That's the good news. The bad news is they had nine months to cherry-pick and go after the best of the best."
Most of the hacked organizations are still unidentified. Three major targets have admitted to being infected: the U.S. departments of Commerce and Energy and the cybersecurity company FireEye, which was the first to report it. A number of other organizations have been reported as victims but have not come forward to confirm.
SolarWinds had maintained a list of more than 100 prominent government and business customers on its website, though it removed that page Monday. None of those organizations admitted to being hacked, though a number of them said they were still investigating or didn't respond to requests for comment.
Tags
Who is online
466 visitors
Putin should still be
congratulating , Trump
as well, his Diversionary distraction who nary said a negative to Russias' leader about most everything of most anything cause he's a mean misstreater of Americans, not ones who would put bounty amounts on our Service men and Women, asz i still can't get over how the HELL he got a pass on that one, but hey, while Trumpster did and does still play, Putins' been working round the dial pulling puppet stringed to be strung
a
long
by wire
Fed to Ex
Presidents that swallow
Alka Seltzer, cause who would
could , B leave, Trump could swallow
the whole thing, hooker, notes of Linear, and
Sinker,as he does , cause elected was a mental defected and by some here, still not detected, just a country totally infected buy that which was bought and brought forth to be Putins' potUS and bitch, cause peep holes shoulds have known since well b 4 Helsinki ,
over US, like a Black Clouded Judgedmental
I often wonder if the internet is a blessing or a curse.
If I am China I am hiring every Russian hacker available- I am changing my intelligence software over to whatever the Russians are using; and then going full bore against the US and everyone else.
Russia is the popular US bogey man; the media, Democrats, and their lemmings are so fixated on Russia that they completely ignore what the intelligence community and military says are the #1 threat to the US in China.
But hey, Russia, Russia, Russia.
I am still wonder what Democrats and the media expect Trump to do? Ratchet up sanctions even more against Russia? How they are as tight as they are going to get. Start a war with Russia in Syria or Ukraine? Sorry, leaving that one for "Mr tough talk following the Hillary way" Biden. Make a strong statement condemning their actions? Putin will laugh that one off; and it is a weak and pathetic response. When Trump reacts the TDS sufferers lash out; when he takes his time the TDS sufferers lash out.
You are not China, in the real world Trump our self-described ''War-Time President'' has gone AWOL, he is hiding out in his bunker tweeting lies and BS about the election be stolen. 3,500 US citizens die from COVID in one day and what do we hear from Trump, not a damn thing, a massive hack, and again not a frickin' world from Bunker Boy.
TDS, yeah for sure Trump has TDS he is delusional.
So, you're saying that Trump's plan to partner with Putin on cybersecurity wasn't a bigly tremendous idea?
Who woulda thunk it?
What plan...and do you have any evidence of this "partnership"?