Microsoft says hackers viewed source code, didn't change it
Microsoft said Thursday in a blog post that hackers tied to a massive intrusion of dozens of U.S. government agencies and private companies snuck farther into its systems than previously thought, although the intrusion doesn’t appear to have caused any additional harm
Your support helps us to tell the story
From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.
At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.
The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.
Your support makes all the difference.Microsoft said Thursday in a blog pos t that hackers tied to a massive intrusion of dozens of U.S. government agencies and private companies snuck farther into its systems than previously thought, although the intrusion doesn't appear to have caused any additional harm.
The company said the hackers were able to view some of the code underlying Microsoft software, but weren't able to make any changes to it.
Microsoft played down any risk associated with the additional intrusion, noting that its software development relies on code sharing within the company a practice called “inner source.” Likewise, Microsoft said it doesn't rely on keeping program code secret as a security measure and instead assumes that adversaries have seen its code and uses other defensive measures to frustrate attacks.
The company said it found no evidence of hacker access to customer data and no indication that its systems were used to attack others.
The hack began as early as March when malicious code was snuck into updates to SolarWinds software that monitors computer networks. Microsoft helped respond to the breach with cybersecurity firm FireEye, which discovered the hack when the security firm itself was targeted.
Cybersecurity experts and U.S. officials suspect Russia was behind the hack that infiltrated over 40 federal agencies, including the departments of Treasury, Energy and Commerce, as well as government contractors. Russia has denied that it is to blame.
Subscribe to Independent Premium to bookmark this article
Want to bookmark your favourite articles and stories to read or reference later? Start your Independent Premium subscription today.