Microsoft president terms SolarWinds hack as 'largest and most sophisticated attack'

By
Reuters

February 15, 2021

Microsoft's President Brad Smith speaks at the Web Summit, in Lisbon, Portugal, November 6, 2019. Photo: Reuters/File

  • Operation was identified in December and that the US government has said was likely orchestrated by Russia
  • Hackers breached software made by SolarWinds Corp to access thousands of companies and government offices that used its products
  • Cybersecurity experts have said it could take months to identify the compromised systems and expel hackers

WASHINGTON: Microsoft Corp President Brad Smith said on Monday that possible Russian hackers use of US tech company's software to compromise raft of US government agencies is “the largest and most sophisticated attack the world has ever seen.”

The operation, which was identified in December and that the US government has said was likely orchestrated by Russia, breached software made by SolarWinds Corp, giving hackers access to thousands of companies and government offices that used its products.

The hackers got access to emails at the US Treasury, Justice and Commerce departments and other agencies.

Cybersecurity experts have said it could take months to identify the compromised systems and expel the hackers.

Read more: Joe Biden's election campaign targeted by Russian state hackers, says sources

“I think from a software engineering perspective, it’s probably fair to say that this is the largest and most sophisticated attack the world has ever seen,” Smith said during an interview that aired on Sunday on the CBS program “60 Minutes.”

The breach could have compromised up to 18,000 SolarWinds customers that used the company’s Orion network monitoring software, and likely relied on hundreds of engineers.

“When we analyzed everything that we saw at Microsoft, we asked ourselves how many engineers have probably worked on these attacks. And the answer we came to was, well, certainly more than 1,000,” Smith said.

Read more: Cyber attack on US govt may have started earlier than initially thought

US intelligence services said last month that Russia was “likely” behind the SolarWinds breach, which they said appeared to be aimed at collecting intelligence rather than destructive acts.

Russia has denied responsibility for the hacking campaign.