The massive hack on US government systems also included a breach of Microsoft source code, the company announced today.
“We detected unusual activity with a small number of internal accounts and upon review, we discovered one account had been used to view source code in a number of source code repositories,” Microsoft said in a statement. “The account did not have permissions to modify any code or engineering systems and our investigation further confirmed no changes were made. These accounts were investigated and remediated.”
The company argues that viewing that source code “isn’t tied to elevation of risk” given that Microsoft has “an open source-like culture [and makes] source code viewable within Microsoft. This means we do not rely on the secrecy of source code for the security of products, and our threat models assume that attackers have knowledge of source code.”
The news comes two weeks after Redmond acknowledged that it was hit by malicious computer code from the hack. Microsoft is a customer of SolarWinds, the IT provider the hackers exploited to send software updates to numerous US government agencies.
“We have been actively looking for indicators of this actor and can confirm that we detected malicious SolarWinds binaries in our environment, which we isolated and removed,” the company said earlier this month. “The investigation, which is ongoing, has also found no indications that our systems were used to attack others.”
In today’s update, Microsoft said it “found evidence of attempted activities which were thwarted by our protections, so we want to re-iterate the value of industry best practices…and implementing Privileged Access Workstations (PAW) as part of a strategy to protect privileged accounts.” It promised updates as more details from the breach are uncovered.
Secretary of State Mike Pompeo said this month that “we can say pretty clearly that it was the Russians that engaged in this activity,” though President Trump has cast doubt on that, aruging that China might be responsible.
President-elect Joe Biden has pushed Trump to reveal more details about the hackers and hold them responsible. “We are still learning about the extent of the SolarWinds hack and the vulnerabilities that have been exposed,” Biden said in a Monday speech. “As I said last week — this attack constitutes a grave risk to our national security.”