[ad_1]
Through an employee’s account, hackers could view the source code, even if they couldn’t change it or access email or other services and products, the company writes in a blog post.
Source code is the basic code of the software. IT professor Mike Chapple from the University of Notre Dame tells CNN that the hackers were likely looking for vulnerabilities.
“Cybersecurity experts now need to worry that this information could fall into the wrong hands, potentially creating the next Solarwinds-level vulnerability in a Microsoft product,” he says.
The extensive hacker attack may have started in October 2019, when hackers broke into Solarwind company, which provides IT technology to authorities and large companies.
Solarwind announced a few weeks ago that a foreign state had found a back door to the Orion tool, where they published malicious code. When approximately 18,000 of Solarwind’s customers downloaded an update, they were exposed to the risk of perpetrators gaining access to their network. It is not known exactly which companies and authorities have been affected, but the US Department of Commerce and the US Department of Finance have been identified as targets.
Microsoft claims that it has a culture within the company similar to open source code, where employees can see the code and therefore do not see it as an increased risk of someone attacking the company having access to it.
Microsoft claims that the person behind the attack is a sophisticated state actor. Russia has previously been blamed for the attack.
Gustav Sjöholm / TT
[ad_2]
