 |
| Russian hackers target security company CrowdStrike |
Investigators said: Russian hackers, who carried out the worst cyberattacks against the United States in years, used vendors' access to Microsoft services to attack targets that did not own the SolarWinds platform that Orion hacked.
The Orion platform update was the only known entry point, but the organization is clearly trying to disrupt a major security company.
Security firm CrowdStrike said it was also targeted. The attempt came within 17 hours of a few months ago when the hackers tried to access the company's email, but failed.
CrowdStrike stated that the hacker gained access to the vendor selling the Office Pack license and tried to read their email with it.
Many Microsoft software licenses are sold through third parties. These companies can benefit from virtually permanent access to customer systems. Microsoft said: These customers should be vigilant.
Microsoft (Jeff Jones) said, "Our investigation uncovered incidents of data misuse. We did not find any security breach or breach of Microsoft products or cloud services."
Russian hackers who use Microsoft distributors to break into CrowdStrike are raising new questions about the number of options available to hackers, according to US officials representing the Russian government.
Reuters reported a week ago that Microsoft products were used in the attack, and the software giant hinted that its customers should remain vigilant.
However, it's very difficult to know which providers still have access, so CrowdStrike has released an auditing tool to do just that.
After SolarWinds discovered the second group of hackers targeting the company's products, it released a new update to fix vulnerabilities in its platform.
Microsoft previously published an article that the SolarWinds platform has become a target for the second group of hackers alongside Russian hackers.
The identity of the second group of hackers remains unclear, and Russia has denied any role in the hackers.