Investigation says Russian hackers used Microsoft vendors to breach customers
Investigation says Russian hackers used Microsoft vendors to breach customers

The suspected Russian hackers responsible for the  managed to get reseller access to Microsoft Corp services to penetrate targets that had no compromised network software from SolarWinds Corp, investigators have said. The point to be noted is the updates to SolarWinds' Orion software was previously the only known point of entry. 

The Security company CrowdStrike Holdings Inc said on Thursday that hackers had won access to the vendor that sold it Office licenses and used that to try to read CrowdStrike's email. CrowdStrike uses Office programmes only for word processing but not email. The failed attempt, made months ago, was pointed out to CrowdStrike by Microsoft on December 15. CrowdStrike, which does not use SolarWinds, said no impact was observed due to the intrusion attempt and declined to name the reseller. "They got in through the reseller's access and tried to enable mail 'read' privileges," one of the people familiar with the investigation told a reliable news agency. 

Microsoft software licenses are sold through third parties in n numbers, and those companies can have near-constant access to clients' systems as the customers add products or employees. Microsoft instructed on Thursday that those customers need to be vigilant. The use of a Microsoft reseller to try to break into a top digital defense company raises new concern about how many avenues the hackers, whom US officials have alleged are operating on behalf of the Russian government, have at their disposal. 

NATO checking systems after US cyberattack

US authorities scamper to investigate the Cyberattack, Mike Pompeo blames Russia

US government agencies including the Treasury and Commerce hacked

Kremlin says Russia has nothing to do with the US treasury email snooping

Join NewsTrack Whatsapp group
Related News