Microsoft’s Brad Smith labels SolarWinds hack ‘largest, most sophisticated attack ever’
Microsoft Corp. President Brad Smith has labeled the now-infamous hack of SolarWinds Worldwide LLC’s Orion software as the “largest and most sophisticated attack ever” as further details of the attack emerge.
Smith (pictured) made the comments on an interview on CBSNews’ “60 Minutes” Sunday night while also disclosing that Microsoft had assigned 500 engineers to investigate the attack. That number is half of what those behind the attack may have deployed, he added.
“When we analyzed everything that we saw at Microsoft, we asked ourselves how many engineers have probably worked on these attacks,” Smith said. “And the answer we came to was, well, certainly more than 1,000.”
Smith also discussed the scope of the attack, suggesting that the malicious software, which was buried in updates to SolarWinds Orion, went out to 18,000 organizations around the world.
“60 Minutes” also interviewed FireEye Inc. Chief Executive Officer Kevin Mandia. FireEye was the first to detect the attack when they were targeted themselves Dec. 8. Little was it known, at the time FireEye revealed that it had been hacked, just how big the hack would become.
“I can tell you this, if we didn’t do investigations for a living, we wouldn’t have found this,” Mandia said. “It takes a very special skill set to reverse-engineer a whole platform that’s written by bad guys to never be found.” FireEye subsequently discovered that the compromise had occurred because of malware in SolarWinds Orion Dec. 13. SolarWinds confirmed Dec. 14 that its software was at the center of the attack.
A full list of victims of the attack, all 18,000 of them, may never be fully known, but prominent victims include the U.S. Commerce and Treasury departments, Homeland Security, the State Department and the National Institutes of Health. The U.S. Energy Department and National Nuclear Security Administration were also compromised.
The “60 Minutes” report, like many media reports, focuses on the claim that the SolarWinds compromise was led by Russians but ignores evidence that Chinese hackers were also involved. In reality, both Russian and Chinese hacking groups are believed to have been involved.
Microsoft first published details that a second hacking group was also targeting SolarWinds’ software in December, while a report Feb. 2 squarely pointed the finger at Chinese hackers.
Photo: Web Summit/Flickr
A message from John Furrier, co-founder of SiliconANGLE:
Your vote of support is important to us and it helps us keep the content FREE.
One click below supports our mission to provide free, deep, and relevant content.
Join our community on YouTube
Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.
THANK YOU