Yesterday, Microsoft said that the SolarWinds attackers may have downloaded source code from Azure, Exchange, and Intune components.
Microsoft concluded that the SolarWinds attackers stole a limited amount of code, and said there is no evidence that the hackers abused its internal systems or targeted the user data of other organizations.
A Microsoft spokesperson said: “We found unauthorized access at a very small level, and we also detected that one account on our own network was targeted and used to view the source code of products and services. The compromised account did not have access to modify the code or make any changes. After the investigation we also confirmed that no updates were made by the attacker.”
Microsoft also said that it has a very strict development policy covering secrets in source code, which it verifies with an automated tool.
However, the search keywords used by the attackers signify that credentials, API keys, and other security tokens are embedded in the code.
Who Is Affected by It?

According to Microsoft, the hackers were able to download or steal source code related to:
- a small subset of Exchange components
- a small subset of Azure components, including service, security, and identity
- a small subset of Intune components
What Are Experts Saying?
Experts said the attack indicates that the attackers are staying focused on finding organizations' hidden secrets. Company officials also confirmed that the hackers were not able to steal any live, production credentials from the site.
In January, Microsoft advised organizations to adopt a zero-trust mentality to protect their data and to minimize risk by enabling multi-factor authentication.
Microsoft VP Vasu Jakkal said that Zero Trust is a protective mindset: when every organization assumes that attackers are going to attack at some point, it takes every step very carefully, which will reduce risk and unauthorized access.
Zero Trust is a philosophy that plays a critical part in making this transition: it assumes that everything inside or outside the premises is not secure, and the experts verify status, identity, endpoint, and other resources based on the data available.