Microsoft says suspected Russian hackers viewed source code

0
53
Microsoft
Microsoft says suspected Russian hackers viewed source code

Microsoft said that the hackers did not use the SolarWinds upgrade to access the internal account, but failed to comment about just how the attackers had access to it.

Microsoft Corp. said the alleged Russian hackers had also access to the company’s internal source code for the shocking intrusion of various U.S. government departments, but no user details or services had been compromised.

“We observed suspicious behaviour with a limited number of internal accounts and, upon analysis, we discovered that one user has been used to access source code in a number of source code repositories,” Microsoft said Thursday in a blog post that updated its continuing investigation of the attack. “The account did not have permission to change any code or engineering structures and our investigation further conf.

Microsoft’s spokesman declined to discuss which source code the hackers viewed. Source code illustrates how computer systems operate and how they are used to create goods. Gaining access to such code may have provided hackers with useful insight into how they could manipulate systems or escape detection. Microsoft said its security philosophy, or “threatening model,” assumes that its source code will be interpreted and that safeguards will be built with that in mind.

Microsoft has earlier said that it had already received malicious security patches from information technology company SolarWinds Corp. that were used to infringe government departments and businesses around the world. The specifics of the campaign are still widely unclear, including how many companies have been victimised and what the hackers have done. Bloomberg News announced in December that authorities had determined that at least 200 groups had been targeted as part of the campaign.

Microsoft said that the hackers did not use the SolarWinds upgrade to access the internal account, but failed to comment about just how the attackers had access to it. The business also did not clarify in the blog post the code repositories had been hacked, or how long hackers had been on the company’s network, however reiterated that there was no evidence that its programmes had been used to target anyone.

“This activity has not put the security of our services or any customer data at risk, but we want to be transparent and share what we learn as we fight against what we believe to be a very sophisticated nation-state actor,” the organisation said.