The suspected Russian hackers behind the worst US cyber attack in years leveraged reseller access to Microsoft Corp services to penetrate targets that had no compromised network software from SolarWinds Corp, investigators said. The failed attempt, made months ago, was pointed out to CrowdStrike by Microsoft on December 15. The known victims so far include CrowdStrike security rival FireEye Inc and the US Departments of Defense, State, Commerce, Treasury, and Homeland Security. Other big companies, including Microsoft and Cisco Systems Inc, said they found tainted SolarWinds software internally but had not found signs that the hackers used it to range widely on their networks. The identity of the second set of hackers, or the degree to which they may have successfully broken in anywhere, remains unclear.

Source: Indian Express December 25, 2020 06:30 UTC