U.S. The suspected Russian hacking campaign, cracked down on by the government, has reached more than 40 organizations, the president of Microfte said on Thursday.
U.S. officials believe the operation was carried out by Russian intelligence, at least as soon as it began. March, Although it was only found last week, and it has crashed into several federal agencies.
The multi-agency statement described it this week:Ongoing, ”Opening the question of how many institutions were compromised and how bad.
Micro .ft’s statement first provides a detailed estimate of how widespread the hack is. The company does not have full visibility into the hacking campaign, it has significant insights into the use of Windows and its antivirus software, Defender, by governments and corporations.
Inside Blog post On Thursday evening, the company’s president, Brad Smith, said that of the more than 40 organizations that had a significant impact, 80 percent were U.S. Were in, but there were also victims from Belgium, Canada, Israel, Mexico, Spain, and so on. UAE and United Kingdom.
While many of the victims were government agencies, companies that contracted with governments or even think tanks and information and technology companies were frequently hit, Micros found.
The breadth of the campaign is an open question because it had the opportunity to infect a surprisingly wide array of victims.
Were able to gain access to organizations through hackers The first break in the Sourwinds, A relatively obscure technology company based in Austin, Texas. Considers many government agencies and major corporations as customers. In March, hackers were able to send toxic software software updates to all Solarwinds customers who used versions of its popular Orion platform, putting their foot in the victims’ system.
Inside Monday filing With the Securities and Exchange Commission, Solarwinds noted that approximately 33,000 customers have downloaded the malicious software update, although it estimates the actual number of victims is “less than 18,000.”
However, experts and U.S. officials widely believed that Russia would only devote resources to hacking and secretly stealing information from a more targeted list of organizations.
Dmitry Alperwich, co-founder of cybersecurity firm CrowdStrike and chairman of Silverrado Policy Accelerator, said in an earlier interview that an intelligence agency would not be able to fully exploit many victims and would instead have to settle on the most valuable targets. .
“The good news here is, if you want to see the silver lining, no intelligence agency has enough manpower to keep everyone behind.” Alperovich said Monday.
“It’s good news. The bad news is that they had nine months to be cherry-picked and the best of the best. “
Most of the hacked organizations are still unknown. Three main targets have admitted to being infected: the U.S. Department of Commerce and Energy and the cybersecurity company Fire, which first reported it. A number of other organizations have been reported as victims, but they have not come forward to confirm.
Solarwinds maintained a List His website has more than 100 leading government and business customers, although he removed that page on Monday. None of those organizations admitted to being hacked, although some of them said they were still investigating or did not respond to requests for comment.
Rich Gardella and Ken Dillanian Contributed.
Coffee enthusiast. Travel scholar. Infuriatingly humble zombie fanatic. Thinker. Professional twitter evangelist.