Brad Smith, Microsoft’s President, earlier this week stated that Microsoft had deep-dived into SolarWinds’ hack. The investigation into this malicious attack has revealed that more than 1,000 engineers have probably worked on this attack.
Brad Smith further goes on to state that the attack is “the largest and most sophisticated attack the world has ever seen.” We have covered the SolarWinds’ attack in great detail, and you can read about it here.
The identity of the 1000 odd attackers has not been revealed or by whom they have been employed. Smith believes that this is the first time the USA is witnessing the use of supply chain disruption tactic being used against it. It is believed that the Russian government developed this tactic in Ukraine.
FireEye CEO, Kevin Mandia, too has been featured in 60 Minutes, an American news magazine. FireEye too was victim of the SolarWinds hack. FireEye had spotted the attack when an attempt at two-factor authentication, commonly known as 2FA authentication, raised suspicion.
“A FireEye employee was logging in, but the difference was our security staff looked at the login and we noticed that individual had two phones registered to their name,” he said. “So our security employee called that person up and we asked, ‘Hey, did you actually register a second device on our network?’ And our employee said, ‘No. It wasn’t, it wasn’t me’” said Kevin Mandia.
This interaction had raised several red flags within the FireEye team and the teams began digging deeper into the issue. This investigation uncovered Orion’s compromise.
60 Minutes also revealed that 4,032 lines of code was at the center of this attack, an attack that has targeted more than 18,000 companies across the globe.
Brad Smith also believes that we have not yet seen the end of the attacks. If you guys are using the Orion software, it is highly advised to upgrade to the latest version.