Microsoft says SolarWinds hackers viewed source code



Microsoft says hackers were able to access its source code.

James Martin/

The hackers who carried out a sophisticated cyberattack on government agencies in the US and private companies were able to access Microsoft’s source code, the company said Thursday.

A Microsoft investigation turned up “unusual activity with a small number of internal accounts” and that “one account had been used to view source code in a number of source code repositories,” the company said in a blog post. Microsoft said the account didn’t have the ability to modify code and that no company services or customer data was put at risk.

Microsoft zealously guards its source code, which provides the foundation for software creation, but the company does provide access to certain “qualified” customers, governments and partners for debugging and reference purposes.

“The investigation, which is ongoing, has also found no indications that our systems were used to attack others,” the company said.

A Russian intelligence agency is suspected of carrying out the massive campaign, which reportedly included an email system used by senior leadership at the Treasury Department, started earlier this year, when hackers compromised IT management software from SolarWinds.  The Austin, Texas-based company sells software that lets an organization see what’s happening on its computer networks.

See also: How to avoid a spear-phishing attack. 4 tips to keep you safe from timeless scams

Hackers inserted malicious code into an update of that software, which is called Orion. Around 18,000 SolarWinds customers installed the tainted update onto their systems, the company said.

US national security agencies have called the breach “significant and ongoing.”  According to an analysis by Microsoft and security firm FireEye, both of which were infected, the malware gives hackers broad reach into impacted systems.

Microsoft earlier said it had identified more than 40 customers that were targeted in the hack. More information is likely to emerge about the hack and its aftermath. Here’s what you need to know about the  hack: