Brad Smith, Microsoft’s President, earlier this week stated that Microsoft had deep-dived into SolarWinds’ hack. The investigation into this malicious attack has revealed that more than 1,000 engineers have probably worked on this attack.
Brad Smith further goes on to state that the attack is “the largest and most sophisticated attack the world has ever seen.” We have covered the SolarWinds’ attack in great detail, and you can read about it here.
The identity of the 1000 odd attackers has not been revealed or by whom they have been employed. Smith believes that this is the first time the USA is witnessing the use of supply chain disruption tactic being used against it. It is believed that the Russian government developed this tactic in Ukraine.
FireEye CEO, Kevin Mandia, too has been featured in 60 Minutes, an American news magazine. FireEye too was victim of the SolarWinds hack. FireEye had spotted the attack when an attempt at two-factor authentication, commonly known as 2FA authentication, raised suspicion.
“A FireEye employee was logging in, but the difference was our security staff looked at the login and we noticed that individual had two phones registered to their name,” he said. “So our security employee called that person up and we asked, ‘Hey, did you actually register a second device on our network?’ And our employee said, ‘No. It wasn’t, it wasn’t me'” said Kevin Mandia.
This interaction had raised several red flags within the FireEye team and the teams began digging deeper into the issue. This investigation uncovered Orion’s compromise.
60 Minutes also revealed that 4,032 lines of code was at the center of this attack, an attack that has targeted more than 18,000 companies across the globe.
Brad Smith also believes that we have not yet seen the end of the attacks. If you guys are using the Orion software, it is highly advised to upgrade to the latest version.
You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity, and hacking news updates.
Also Read
SolarWinds Hack – Multiple Similarities Found Between Sunburst Backdoor and Turla’s Backdoor
DOJ Says SolarWinds Hackers Accessed 3% of it’s Office 365 Mailboxes
New Malware Discovered in SolarWinds Attack that Used 7-Zip Code to Hide
NVIDIA has issued an urgent security advisory addressing three high-severity vulnerabilities in its NeMo Framework,…
Cisco has issued a high-severity advisory (cisco-sa-erlang-otp-ssh-xyZZy) warning of a critical remote code execution (RCE)…
Enterprises and managed service providers globally are now facing urgent security concerns following the disclosure…
Security researcher Alessandro Sgreccia (aka "rainpwn") has revealed a set of critical vulnerabilities in Zyxel’s…
A high-severity denial-of-service (DoS) vulnerability in Redis, tracked as CVE-2025-21605, allows unauthenticated attackers to crash servers…
Google’s Mandiant team has released its M-Trends 2025 report, highlighting the increasing sophistication of threat…
.jpeg?w=1024&resize=1024,682&ssl=1)