Stay up to date with notifications from The Independent

Notifications can be managed in browser preferences.

SolarWinds hack was ‘largest and most sophisticated attack’ ever seen, Microsoft president says

More than 1,000 engineers may have worked on the attacks, claims Brad Smith

Wendell Roelf
Monday 15 February 2021 09:43 GMT
Comments
Up to 18,000 SolarWinds customers could have been compromised
Up to 18,000 SolarWinds customers could have been compromised (REUTERS)

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

A hacking campaign that used a tech company as a springboard to compromise a raft of US government agencies is “the largest and most sophisticated attack the world has ever seen”, Microsoft president Brad Smith said.

The operation, identified in December, which the US government has said was likely orchestrated by Russia, breached software made by SolarWinds, giving hackers access to thousands of companies and government offices that used its products.

The hackers got access to emails at the US Treasury, Justice and Commerce departments and other agencies.

Cybersecurity experts have said it could take months to identify the compromised systems and expel the hackers.

“I think from a software engineering perspective, it’s probably fair to say that this is the largest and most sophisticated attack the world has ever seen,” Mr Smith said during an interview that aired on Sunday on the CBS programme 60 Minutes.

The breach could have compromised up to 18,000 SolarWinds customers that used the company’s Orion network monitoring software, and likely relied on hundreds of engineers.

“When we analysed everything that we saw at Microsoft, we asked ourselves how many engineers have probably worked on these attacks. And the answer we came to was, well, certainly more than 1,000,” Mr Smith said.

US intelligence services said last month that Russia was “likely” behind the SolarWinds breach, which they said appeared to be aimed at collecting intelligence rather than destructive acts.

Russia has denied responsibility for the hacking campaign.

Reuters

Read More: Cybercrime

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in