Hackers extensively breach Microsoft systems to access its source codes
Russian state-backed hackers gained access to some of Microsoft's core software systems in a breach first revealed in January, the company said on Friday, revealing a more extensive and severe intrusion into Microsoft's systems than to what was previously known.
Microsoft believes that in recent weeks hackers have used information stolen from Microsoft's corporate email systems to access "certain source code repositories and internal systems at the company," the technology company said in a document filed with the US Securities and Exchange Commission.
Source code is coveted by companies – and the spies who try to hack them – because it is the secret part of a software program that makes the software work and gets it operational. Knowing it means having the ability to attack other systems practically starting from the inside.
Microsoft first disclosed the breach in January, just days before another Big Tech company, Hewlett Packard Enterprise, said the same hackers had breached its cloud-based email systems. The exact scope and purpose of the hacking activity is unclear, but experts say the group responsible has a history of wide-ranging intelligence gathering campaigns in support of the Kremlin.
The hacking group was behind the infamous breach of the email systems of several US agencies, using software produced by US contractor SolarWinds, which was revealed in 2020 and was serious enough to be the subject of an SEC investigation. Hackers had access to unclassified email accounts of the departments of Homeland Security and Justice, among other agencies, for months before the spy operation was discovered.
US officials attributed the hacking group to Russia's foreign intelligence services. Russia has denied involvement in the operation.
In the years since the 2020 hack, Russian hackers have continued to penetrate large technology companies as part of their espionage campaigns, according to U.S. officials and private experts. In the activity described Friday, hackers could use the information stolen from Microsoft "to accumulate a picture of areas to attack and improve their ability to do so," the company said in a blog post accompanying the SEC filing.
At the same time, it seems incredible that, despite the SolarWinds breach having been known for years, hackers were allowed to breach the systems of large technology companies almost with impunity. Haven't the boards of directors of these companies been at best superficial in assessing the security of their own companies?
“To date we have found no evidence that customer-facing systems hosted by Microsoft have been compromised,” Microsoft said. It would have been strange if the company had stated otherwise.
Thanks to our Telegram channel you can stay updated on the publication of new Economic Scenarios articles.
The article Hackers Extensively Hack Microsoft Systems to Access Its Source Codes comes from Economic Scenarios .
This is a machine translation of a post published on Scenari Economici at the URL https://scenarieconomici.it/hacker-violano-estesamente-i-sistemi-microsoft-per-accedere-ai-suoi-codici-sorgente/ on Sun, 10 Mar 2024 09:00:43 +0000.