"Those are typically trusted employees within an organization that have access to source code and aren't looking at it from an adversary's perspective," he said. That may be true, security expert Kennedy said, but having a group of malicious hackers reading a company's source code at the direction of a foreign government is a completely different matter. "So viewing source code isn't tied to elevation of risk," the company said. Microsoft downplayed the significance of the attackers reading its source code, saying, unlike other tech companies, its employees have an "open source-like culture" to viewing source code within the firm. Government And Tech CompaniesĪ Microsoft spokesman declined to comment beyond the company's blog post, which noted that the hackers did not compromise customers' personal data, nor did the intruders harness the information it read to attack others. Technology What We Know About Russia's Alleged Hack Of The U.S.
"My hope is that none of this was compromised in the process, but we just don't know at this point." And all of them have source code that runs on the devices," he said. We trust our phones that we're using on a daily basis.
Still, what the hackers can still do with whatever proprietary data was gathered from Microsoft should keep officials on edge, according to David Kennedy, who runs the Ohio-based company TrustedSec LLC, which investigated the hack. "But that doesn't appear to be the case." "If they had modified the source code, or used it to introduce new backdoors, since Microsoft has billions of users out there in pretty much every organization around the planet, that would've been a very severe, very grave concern," he said. "This attack was not as bad as it could have been for Microsoft," Alperovitch said. National Security How A Cybersecurity Firm Uncovered The Massive Computer Hackĭmitri Alperovitch, a cybersecurity expert and chairman of Silverado Policy Accelerator, a Washington-based think tank, said while the breach appears to be a "serious issue" and can potentially make it easier for attackers to uncover additional system flaws at Microsoft, the company's worst fears were not realized. When the company homed in, a startling finding appeared: company source code "in a number of source code repositories" had been accessed by hackers. Microsoft said after first believing it had blocked the intrusion, some "unusual activity" on a "small number" of employee accounts tripped an alarm.
#Skype account hacker update
Microsoft had previously said it was among thousands of companies that discovered malware on its systems after downloading a routine software update from the IT company SolarWinds containing a possible "backdoor" for hackers to gain access to sensitive company data.īut the admission Thursday is the first time Microsoft acknowledged the attackers did more than place a tainted software update on its system: hackers successfully broke into the company's systems and viewed source code, the carefully guarded DNA of the company's software products. government agencies and private companies was able to hack into Microsoft's internal systems and access some of the company's source code, the tech giant said in a blog post on Thursday. The group behind the suspected Russian attack into U.S. Microsoft for the first time on Thursday revealed that the hackers behind the SolarWinds attack had compromised its internal systems and accessed company source code.
0 kommentar(er)
