Microsoft President: SolarWinds Hack was ‘Largest and Most Sophisticated Attack’ Ever
During an interview with the CBS program “60 minutes,” Microsoft President Brad Smith talked about the SolarWinds attacks and called it “the largest and most sophisticated attack the world has ever seen.”
The knowledge of the attack came to light in December 2020, which exploited vulnerabilities of the SolarWinds software. Alongside the security firm FireEye, Microsoft disclosed that over 18,000 organizations may have been impacted due to the Sunburst malware in SolarWinds’s Orion network management software. Earlier, the tech giant had also stated that the attack targeted 40 of its customers.
Microsoft assigned 500 engineers to investigate the attack, and Smith said the attacking team had enough engineering resources. “When we analyzed everything that we saw at Microsoft, we asked ourselves how many engineers have probably worked on these attacks. And the answer we came to was, well, certainly more than 1,000,” Smith told.
US agencies including the US Treasury Department, the Cybersecurity and Infrastructure Agency (CISA), The Department of Homeland Security (DHS), and the US Department of State, and the US Department of Energy (DOE) were identified to have been affected by the malware.
The attack was identified to have been conducted by an outside nation and according to the U.S. government, the breach was most likely orchestrated by Russia, though Russia has denied responsibility.
December 2020 also marked Brad Smith’s blog for a strong and global cybersecurity response. He said, “It’s critical that we step back and assess the significance of these attacks in their full context. This is not ‘espionage as usual,’ even in the digital age. Instead, it represents an act of recklessness that created a serious technological vulnerability for the United States and the world.”