After investigation, the Microsoft security team has now released the latest developments on the SolarWinds supply chain attack. Microsoft revealed that some commercial software source codes were stolen.
Earlier, hacker groups infiltrated the American Solarwind Software Company and loaded malicious code in the software. Solarwind software carrying malicious codes entered a large number of enterprises.
Institutions including Microsoft, Cisco, Fire Eye, the US Department of the Treasury, and the US Nuclear Safety Administration have all been infiltrated, and Microsoft is also continuing to investigate potential risks. Microsoft has confirmed that hackers viewed the source code of some products.
In the latest report, Microsoft admitted that the source code of Microsoft Azure, Microsoft Exchange, Microsoft Intune, and other products was accessed by hackers.
Microsoft claims that these products have minimal impact on the source code viewed by hackers. They are all repository files and do not contain any identity tokens, encryption keys, and credentials.
For a small number of repositories, there was additional access, including in some cases, downloading component source code. These repositories contained code for:
- a small subset of Azure components (subsets of service, security, identity)
- a small subset of Intune components
- a small subset of Exchange components
“The search terms used by the actor indicate the expected focus on attempting to find secrets.” Microsoft also has internal tools to check to ensure that the key will not be written into the file.
This update is also the final investigation report of the Microsoft security team on the SolarWinds supply chain attack. The internal investigation activities that lasted for more than two months have completely ended.
The investigation revealed that the source code of some of Microsoft’s internal products and services was viewed or downloaded by hackers, but these source codes will not affect the security of Microsoft products.
Microsoft does not rely on protecting product source code to ensure product security, so even if all source code is leaked, it will not pose a security risk to Microsoft products.
Of course, it is said that but source code leakage will definitely be risky, but I believe that Microsoft has also strengthened its products to avoid potential security attacks.