Microsoft revealed forty of its customers who are organizations suffered a data breach by a suspected Russian campaign, CNN reported. The victims are found to have a third-party IT management program that was targeted by the hacking group.
The tech giant said that around 80% of the affected organizations are in the United States. The remaining victims are located in Canada, Belgium, Mexico, Israel, the United Kingdom, and the United Arab Emirates.
Microsoft President Brad Smith said, “It’s a certainty that the number and location of victims will keep growing.”
According to the company’s evaluation of the incident, the hacking campaign was secretly performed using third-party software by IT management company SolarWinds. The version of the program is set to be problematic and was specifically targeted by the attackers.
The attack was conducted through Russian malware through SolarWinds Orion, which has around 180,000 customers across the world. Its customer base includes government and private organizations.
As of writing, Microsoft remarked that the incident has affected “many major national capitals outside Russia.”
Smith said, “The attack, unfortunately, represents a broad and successful espionage-based assault on both the confidential information of the US Government and the tech tools used by firms to protect them.”
Moreover, he said, “The attack is ongoing and is being actively investigated and addressed by cybersecurity teams in the public and private sectors, including Microsoft.”
Regarding the measures it is taking to address the situation, Smith said that that the company has notified the victims. Moreover, it is working with FireEye to investigate the hack. FireEye, which is a cybersecurity firm, was also a victim of a hack.
Experts and US officials believe that Russia is behind this attack. CrowdStrike co-founder Dmitri Alperovitch that “an intelligence agency wouldn’t be able to fully exploit that many victims and instead would have to settle on the most valuable targets,” as explained by NBC News.
Alperovitch is optimistic that no such agency would have “enough human power” to specifically target every single individual whose data has been compromised through this hack.
NBC News noted that the organizations affected are largely unidentified, but three major targets have revealed their identities namely the US departments of Commerce and Energy and FireEye.
SolarWinds had a list of over 100 government and private organizations, which was posted on its website, but is not removed. No organization on the list admitted to being affected, but some are still investigating.
