Microsoft identified 40+ customers targeted in the SolarWinds hack, 80% in the US, says the attack is “ongoing” and calls for a global cybersecurity response
The final weeks of a challenging year have proven even more difficult with the recent exposure of the world's latest serious nation-state cyberattack.
Microsoft On the Issues Brad Smith
Related Coverage
- View article Reuters
- View article UPI
- Russia-Linked SolarWinds Hack Ensnares Widening List of Victims Bloomberg
- View article Securelist
- NSA Cybersecurity Advisory: Malicious Actors Abuse Authentication Mechanisms to Access Cloud Resources National Security …
- Microsoft president calls SolarWinds hack an “act of recklessness” Ars Technica · Dan Goodin
- SolarWinds hack that breached gov networks poses a “grave risk” to the nation Ars Technica · Dan Goodin
- View article CNN
- View article The Guardian
- NSA warns of federated login abuse for local-to-cloud attacks ZDNet · Catalin Cimpanu
- View article TheStreet
- View article Threatpost
- View article OnMSFT.com
- View article CyberScoop
- Suspected Russian hacking campaign hit over 40 organizations, Microsoft says NBC News · Kevin Collier
- View article SC Media
- View article TGDaily
- Microsoft identifies 40+ victims of SolarWinds hack, 80% from US BleepingComputer · Sergiu Gatlan
- Microsoft identified over 40 SolarWinds supply chain attack victims Windows Central · Sean Endicott
- Exclusive: Microsoft breached in suspected Russian hack using SolarWinds - sources familiar Reuters · Joseph Menn
- View article Telecoms.com
- View article TechRadar
- Microsoft President Says SolarWinds Malware Attack is a “Moment of Reckoning” WinBuzzer · Luke Jones
- View article Schneier on Security
- Microsoft confirms breach in SolarWinds hack, but denies its clients were affected Security Affairs · Pierluigi Paganini
- SolarWinds cyber attack is ‘grave risk’ to global security ComputerWeekly.com · Alex Scroxton
- Microsoft Confirms SolarWinds Breach Affecting Core Products MakeUseOf · Gavin Phillips
- Continuous Updates: Everything You Need to Know About the SolarWinds Attack SecurityWeek
- US says cyber hack poses ‘grave risk’ to government and businesses The Irish Times
- View article CyberNews
- Microsoft Products Targeted In Russian Hack, Report Says PYMNTS.com
- Microsoft Says 40 Customers Hit By Ongoing Hack Of Government Agencies NPR · Jaclyn Diaz
- Microsoft's warning after US federal government breach: more nation-backed attacks are coming Medianama · Aroon Deep
- View article infosecurity-magazine.com
- Microsoft says internal probe finds malicious SolarWinds code, no sign of further impact yet GeekWire · Todd Bishop
- Microsoft discovers 40 customers targeted in massive hack campaign CNET · Steven Musil
- Microsoft Illustrates the Breadth and Depth of the SolarWinds Hack Petri · Brad Sams
- Microsoft says it was hit by the SolarWinds cyberattack but has not found evidence its products or customer data were affected Business Insider
- Microsoft president sounds alarm on ‘ongoing’ SolarWinds hack, identifies 40 more precise targets The Verge · Jay Peters
- How to change your company culture Protocol · David Pierce
- Russian hack against the U.S. government ‘will take years to overcome,’ former national intelligence official says CNBC · Emily DeCiccio
- ‘This Is Looking Like Worst Hacking Case in History of America’ Newser · Rob Quinn
- Microsoft, Energy Department and Others Named as Victims of SolarWinds Attack SecurityWeek · Eduard Kovacs
- SolarWinds hackers breach US nuclear weapons agency BleepingComputer · Sergiu Gatlan
- Microsoft Says Its Systems Were Also Breached in Massive SolarWinds Hack The Hacker News · Ravie Lakshmanan
- Exclusive-Suspected Russian hacking spree reached into Microsoft -sources Reuters · Joseph Menn
- Hackers Tied to Russia Hit Nuclear Agency; Microsoft Is Exposed Bloomberg
- More Hacking Attacks Found as Officials Warn of ‘Grave Risk’ to U.S. Government New York Times
- U.S. cybersecurity agency warns of ‘grave’ threat from hack Associated Press
- Cyberhack looks like act of war Axios · Mike Allen
- Hack Suggests New Scope, Sophistication for Cyberattacks Wall Street Journal
- U.K. Use of Software Linked to Russia-Hack Runs Deep Bloomberg
- Microsoft says it identified 40+ victims of the SolarWinds hack ZDNet · Catalin Cimpanu
- Unprecedented malware campaign strikes US through SolarWinds: What you need to know CNET · Laura Hautala
- Microsoft Discovers Malware Related to SolarWinds Cyber Attack TheStreet · M. Corey Goldman
- Continuous Eruption: Further Analysis of the SolarWinds Supply Chain Incident DomainTools
- Suspected Russian hack is much worse than first feared: Here's what you need to know CNBC · Sam Shead
- Microsoft is reportedly added to the growing list of victims in SolarWinds hack Ars Technica · Dan Goodin
- Microsoft acknowledges it was hacked via SolarWinds exploit SlashGear · JC Torres
- Microsoft Breached Via SolarWinds As Scope Of Destruction Widens: Report CRN · Michael Novinson
- Suspected Russian hacking spree said to have breached Microsoft's defences Reuters
- Austin, Texas hacked by suspected Russian state-sponsored group SiliconANGLE · Duncan Riley
- The SolarWinds hack was in place for months, but cybersecurity experts say it will take years to sort out Business Insider · Kelsey Vlamis
- Ex-DHS adviser under Trump calls for urgent action to address suspected Russian cyberattack CNN · Veronica Stracqualursi
- Statement by President-elect Joe Biden on Cybersecurity President-Elect Joe Biden · Transition
Discussion
-
@ericgeller
Eric Geller
on x
Microsoft has identified 40 customers hacked by the suspected Russian operatives after the initial SolarWinds compromise, @BradSmi says. 80% in US, + Canada, Mexico, Belgium, Spain, UK, Israel, & UAE. 44% of victims were in IT, 18% think tank, 18% gov. https://blogs.microsoft.com…
-
@bradsmi
Brad Smith
on x
The latest nation state attack is not espionage as usual, even in the digital age. Instead, it's an act of recklessness that has created a serious and eye-opening vulnerability for the US and the world. Governments and industry must do more. https://blogs.microsoft.com/ ...
-
@shashj
Shashank Joshi
on x
“One of the more chilling developments this year has been what appears to be new steps to use AI to weaponize large stolen datasets about individuals and spread targeted disinformation ... this too will become a permanent part of the threat landscape."' https://blogs.microsoft.co…
-
@shashj
Shashank Joshi
on x
Microsoft: 'This is not “espionage as usual,” even in the digital age. Instead, it represents an act of recklessness that created a serious technological vulnerability for the US and the world" https://blogs.microsoft.com/ ... https://twitter.com/...
-
@tariqkrim
Tariq Krim
on x
According to Microsoft, the recent Slora winds hack has also exposed Europe. It would be good for European institutions to give more details about it. the source is here : https://blogs.microsoft.com/ ... https://twitter.com/...
-
@kursed
Abdullah Saad
on x
Most spine chilling read of the day. This is really scary stuff. https://blogs.microsoft.com/ ...
-
@andrewsweiss
Andrew S. Weiss
on x
Once again, Microsoft's @BradSmi is taking the lead in saying thoughtful things that rightfully should be coming from a US President and other world leaders https://twitter.com/...
-
@natashabertrand
Natasha Bertrand
on x
SCOOP/BREAKING NEWS: The Energy Department and National Nuclear Security Administration, which maintains the U.S. nuclear weapons stockpile, have evidence that hackers accessed their networks, officials directly familiar with the matter said. https://www.politico.com/...
-
@atrupar
Aaron Rupar
on x
Our nuke systems may have been hacked but the president is more concerned about the tone of Fox News' Saturday afternoon programming https://twitter.com/...
-
@cisagov
@cisagov
on x
Read our statement, jointly released with @FBI and @ODNIgov, on the significant, ongoing cybersecurity campaign that has affected networks within the federal government: https://cisa.gov/.... #Cyber #InfoSec #Cybersecurity #InfoSecurity #NetworkSecurity #InformationSecurity
-
@maxabrahms
Max Abrahms
on x
Terrifying how the Biden administration will respond to Russia. The media will eat it up. https://twitter.com/...
-
@naima
Naima Cochrane
on x
Feels like we should be concerned about this https://twitter.com/...
-
@reppaulmitchell
Rep. Paul Mitchell
on x
It is time for POTUS and the Administration to address this forcefully. Put Putin on notice and take steps to punish him and those involved. Engage our govt resources to address this both@in agencies and private companies. Critical infrastructure at risk! https://twitter.com/...
-
@joyannreid
@joyannreid
on x
God help us ... these people still have more than a month in power and clearly are doing zero to keep us safe... https://twitter.com/...
-
@mattyglesias
Matthew Yglesias
on x
My deep concerns about Hillary Clinton's information security practices led me to vote Trump in 2016, and I have to say I feel kind of betrayed. https://twitter.com/...
-
@daviddtss
David Dennis Jr
on x
Russia won a war against America by posting Facebook ads that made white people feel good about their racism. https://twitter.com/...
-
@williamturton
William Turton
on x
Russian hackers have been inside Austin city network for months https://theintercept.com/... by @MaraHvistendahl, @micahflee, @chronic_jordan
-
@jimsciutto
Jim Sciutto
on x
This cyber attack is staggering. ODNI says it is still underway right now. And the president is silent again on Russia. https://www.nytimes.com/...
-
@jorge_guajardo
Jorge Guajardo
on x
It's imperative the US have a president that assumes the responsibility. https://www.politico.com/...
-
@kylegriffin1
Kyle Griffin
on x
Breaking Politico: The Energy Department and National Nuclear Security Administration, which maintains the U.S. nuclear weapons stockpile, have evidence that hackers accessed their networks, officials directly familiar with the matter said. https://www.politico.com/...
-
@stengel
Richard Stengel
on x
“Our adversaries should know that, as President, I will not stand idly by in the face of cyber assaults on our nation.”—President-elect Biden. @Transition46 https://www.politico.com/...
-
@seth_hettena
Seth Hettena
on x
Not a good sign when the warning comes after two days of news stories https://twitter.com/...
-
@kentremendous
Ken Tremendous
on x
One final gift from the Trump Administration. https://twitter.com/...
-
@repspeier
Jackie Speier
on x
What we need now is leadership & strong cyber defense, but what does @POTUS do? He sits on the sidelines silent & continues to peddle lies about election fraud, having fired Chris Krebs for refuting Trump's baseless election claims. Unbelievable! https://www.politico.com/...
-
@waltshaub
Walter Shaub
on x
What a relief it must be to the Russians that Trump is president as this all comes out! https://twitter.com/...
-
@ericgarland
Eric Garland
on x
You need to drop everything and read this. https://twitter.com/...
-
@kyledcheney
Kyle Cheney
on x
The president, who knows this, spent yesterday attacking his recently fired cybersecurity chief for saying the 2020 election was secure. He still hasn't addressed the breach. https://www.politico.com/...
-
@ericgeller
Eric Geller
on x
CISA, FBI, and ODNI acknowledge “a significant and ongoing cybersecurity campaign” that “has affected networks within the federal government.” No new details. It took them three days to issue this statement. https://www.cisa.gov/... https://twitter.com/...
-
@davidmweissman
David Weissman
on x
Hackers have access to the National Security Administration but let's be more outraged that Jill Biden rightfully puts the title Dr. next to her name because she's an educated woman. https://twitter.com/...
-
@sethabramson
Seth Abramson
on x
Remember me saying here a week ago that I was gravely concerned that we would discover that the Department of Energy had also been hacked, and that the Russians' focus would be on nuclear energy issues? Well, here we go. And Donald Trump is doing *nothing about it whatsoever*. ht…
-
@davidjollyfl
David Jolly
on x
Just a massive government failure in the waning days of the current Administration, with generational consequences we may never know. https://www.politico.com/...
-
@tedlieu
Ted Lieu
on x
This is unacceptable, on any level. Our national security has been repeatedly compromised under @realDonaldTrump. Especially in the area of cybersecurity, where @POTUS eliminated several key positions. Also, when is Trump going to condemn Vladimir Putin? https://twitter.com/...
-
@sam_vinograd
Sam Vinograd
on x
According to this statement, the cyberattack is ongoing. https://twitter.com/...
-
@dana_balter
Dana Balter
on x
Disastrous. Another colossal failure of the Trump Administration to keep us safe. We've said all along that he's a danger to our country. This is what we've been talking about. All the smaller “oh-don't-make-such-a-big-deal-about- it” infractions along the way have led to this. h…
-
@themaxburns
Max Burns
on x
Foreign state hackers broke into the National Nuclear Security Administration and we've yet to hear a peep from all those “strong national security” Republicans in Washington. https://twitter.com/...
-
@tombossert
Thomas P. Bossert
on x
The US public is sick, our leaders distracted, and we are under cyberattack. This isn't about SolarWinds anymore. It hasn't been for months. The Russians are in our networks at a very fragile time. What are we going to do about it? My @nytimes OpEd https://www.nytimes.com/...
-
@morganlbrennan
Morgan Brennan
on x
“My biggest concern would be if you've got an advanced adversary that has been in the network for a long time...It may be very difficult to get them out and to be assured of the fact they're no longer there.” https://www.washingtonpost.com/ ...
-
@jengriffinfnc
Jennifer Griffin
on x
Officials say this is the largest cyber hack in US history...Russia apparently had command and control inside vast US govt network...More Hacking Attacks Found as Officials Warn of ‘Grave Risk’ to U.S. Government via @SangerNYT https://www.nytimes.com/...
-
@digiphile
Alex Howard
on x
Both @Politico & @Business report hackers accessed systems at the National Nuclear Security Administration, which maintains the U.S. nuclear weapons stockpile, at least 3 states, & other US government agencies. https://www.bloomberg.com/... https://twitter.com/... https://twitter…
-
@shiraovide
Shira Ovide
on x
How does the news about this hack keep getting much worse? https://www.nytimes.com/...
-
@ericgeller
Eric Geller
on x
As CISA hinted earlier, Reuters reports that Russia's hacking campaign involved breaching another “major technology supplier” as a way of breaking into its customers, just like SolarWinds: https://www.reuters.com/...
-
@bing_chris
Chris Bing
on x
“the attackers are very careful and have deleted logs, or electronic footprints or which files they have accessed. That makes it hard to know what has been taken.” https://www.reuters.com/...
-
@maggienyt
Maggie Haberman
on x
Read to the end of this @SangerNYT piece on the government hack - there are files that could still be infected/being used to spy on the federal government https://www.nytimes.com/...
-
@business
@business
on x
At least three states were hacked as part of a suspected Russian cyber-attack that breached several U.S. government agencies https://www.bloomberg.com/...
-
@exavierpope
@exavierpope
on x
“Two people familiar with the ongoing investigation said three states were breached in the attack, though they wouldn't identify the states. A third person familiar with the probe confirmed that states were hacked but didn't provide a number” - 2020 please chill already https://t…
-
@apolyakova
Dr Alina Polyakova
on x
Russia launched “the biggest cybersecurity breach of federal networks in more than two decades” - this is what happens when we have no cyber deterrence strategy https://www.nytimes.com/...
-
@zackwhittaker
Zack Whittaker
on x
“Some major companies have issued carefully worded statements saying that they have ‘no evidence’ that they were penetrated, but in some cases that may only be because the evidence was removed.” https://www.reuters.com/...
-
@pittgriffin
Pitt Griffin
on x
I suspect there is a rush by our enemies to hack our institutions before we get someone at the top who both can, and wants, to do the job. It's time for the US to stop being the Kremlin's toilet. https://www.huffpost.com/...
-
@juliaioffe
Julia Ioffe
on x
When Trump told the world he believed Putin that Russia was not behind the 2016 hack-and-dump and other election interference, it was a green light for the Russian government to go further and bigger. https://www.nytimes.com/...
-
@tripgabriel
Trip Gabriel
on x
“After playing the incident down — Trump has said nothing & Sec'y Pompeo deflected the hacking as one of the many daily attacks on the federal government, suggesting China was the biggest offender — the new alert left no doubt the assessment had changed” https://www.nytimes.com/.…
-
@scottmstedman
Scott Stedman
on x
“Like other SolarWinds customers, we have been actively looking for indicators of this actor and can confirm that we detected malicious Solar Winds binaries in our environment, which we isolated and removed,” a Microsoft spokesperson said https://www.reuters.com/...
-
@kimzetter
Kim Zetter
on x
How often have we all said this before? “Some major companies have issued carefully worded statements saying that they have ‘no evidence’ that they were penetrated, but in some cases that may only be because the evidence was removed [by the attackers]” https://www.reuters.com/...
-
@sifill_ldf
Sherrilyn Ifill
on x
Pretty alarming from the Homeland Security adviser to Presidents Trump and Bush. https://twitter.com/...
-
@ggreenwald
Glenn Greenwald
on x
I know it doesn't matter. I know it's wrong to ask the question. I know asking the question raises grave doubts about one's loyalties and patriotism. But has there been *any* evidence publicly presented, let alone dispositive proof, that Russia is responsible for this hack? https…
-
@doritoribio
Dori Toribio
on x
“While President Donald Trump has yet to publicly address the hack, President-elect Joe Biden issued a statement Thursday on “what appears to be a massive cybersecurity breach affecting potentially thousands of victims, including U.S. companies and federal government entities.” h…
-
@bobbychesney
Bobby Chesney
on x
My 2 cents: SolarWinds = conventional espionage (a la OPM), not “war,” covert action, etc. US gov't (naturally) doesn't claim conventional espionage is wrongful, and we shouldn't expect to deter it. Instead, we should focus on: What *defensive* changes does this show we need? htt…
-
@rogue_martin
Martin Rogue
on x
Deeply disturbing and troubling. Like I told one of my followers there is the issue of malware either left behind by hackers or slipped in by other means. Well now its confirmed this is the case. And it was going on for months before we discovered it. https://www.msn.com/...
-
@nakashimae
Ellen Nakashima
on x
BREAKING: Federal investigators find evidence of previously unknown tactics used to penetrate government networks w/@craigtimberg https://www.washingtonpost.com/ ...
-
@nicoleperlroth
Nicole Perlroth
on x
Hearing Microsoft has no proof of this. https://twitter.com/...
-
@nicoleperlroth
Nicole Perlroth
on x
Microsoft president Brad Smith says Reuters report is false. “We have no indication of this.” Microsoft stands by Sunday statement: “We also want to reassure our customers that we have not identified any Microsoft product or cloud service vulnerabilities in these investigations.”…
-
@kimzetter
Kim Zetter
on x
Second supply chain hack in SolarWinds campaign announced. Microsoft was also breached in the SolarWinds hack operation. Once in Microsoft's network, the company's own “products were then used to further the attacks on others”. Story from @josephmenn https://www.reuters.com/...
-
@jerrydunleavy
Jerry Christmas
on x
“Microsoft was hacked as part of the suspected Russian campaign that has hit multiple U.S. government agencies by taking advantage of the widespread use of software from SolarWinds.” [Note: Microsoft is helping a bunch of orgs with responding to this hack] https://uk.reuters.com/…
-
@b_fung
Brian Fung
on x
NEW: Microsoft says it has identified more than 40 victims targeted by attackers via the SolarWinds vulnerability, 80 percent of whom are based in the US.
-
@kimzetter
Kim Zetter
on x
Microsoft says the Reuters story saying it was hacked is incorrect. https://twitter.com/...
-
@silvermanjacob
Jacob Silverman
on x
So much vague reporting about SolarWinds. Microsoft might have been hacked. Ok so what was hacked, which networks, what was taken? https://twitter.com/...
-
@campuscodi
Catalin Cimpanu
on x
This is Microsoft's official statement on today's Reuters report. The company admits to getting breached via the SolarWinds app, but not to hackers pivoting to production systems and then using those systems against its customers. Update coming shortly. https://twitter.com/...
-
@campuscodi
Catalin Cimpanu
on x
Microsoft was also breached in recent SolarWinds supply chain hack. According to Reuters, Microsoft's own products where then used to further the attacks on other targets To note is that Microsoft has not commented on this yet. https://www.zdnet.com/... https://twitter.com/...
-
@ericgeller
Eric Geller
on x
can this news cycle please just end https://twitter.com/...
-
@inteldoge
Doge
on x
Makes sense, we had heard about Office 365 when the news first broke about the hack. https://twitter.com/...
-
@campuscodi
Catalin Cimpanu
on x
Welcome to the club, Microsoft!
-
@lookner
Steve Lookner
on x
Reuters now reporting that Microsoft products as well as SolarWinds software were used by hackers to “further the attacks on others” “It was not immediately clear how many Microsoft users were affected by the tainted products” h/t @KimZetter https://www.reuters.com/...
-
@frankpallone
Rep. Frank Pallone
on x
In the midst of an unprecedented cyber-attack, Trump fired his cyber-security chief because he contradicted his false claims of election fraud. Trump's actions and his deference to Russia have serious national security implications that will ripple far beyond his presidency. http…
-
@latenightseth
@latenightseth
on x
Trump is going to be so bummed when he learns that he can't pardon Vladimir Putin. https://twitter.com/...
-
@normative
Julian Sanchez
on x
Has Trump still not said anything about what may well be the most catastrophic security breach in U.S. history? https://twitter.com/...