Microsoft: ‘More than 1,000 engineers’ executed SolarWinds attack

The company's president Brad Smith says the ongoing hack is the 'largest and most sophisticated the world has ever seen'

A group of hackers behind the Russian flag

The infamous SolarWinds supply chain attack that infected the networks of up to 18,000 government and private organisations was the most sophisticated ever recorded in history, Microsoft’s president Brad Smith has claimed.

In its in-depth analysis of the attack following its disclosure, Microsoft has identified that more than 1,000 engineers were involved in executing the attacks in full, according to Smith in conversation with CBS News.

The firm has assigned 500 engineers itself to investigate the attack, with one of these individuals comparing it to a Rembrandt painting with more details emerging the closer they looked at it, he added.

“SolarWinds Orion is one of the most ubiquitous software products you probably never heard of, but to thousands of IT departments worldwide, it's indispensable,” Smith told CBS News’ 60 Minutes.

"It's made up of millions of lines of computer code. 4,032 of them were clandestinely re-written and distributed to customers in a routine update, opening up a secret backdoor to the 18,000 infected networks. 

“When we analysed everything that we saw at Microsoft, we asked ourselves how many engineers have probably worked on these attacks. And the answer we came to was, well, certainly more than 1,000.”

A drip-feed of information has emerged since the attack was first made public towards the end of 2020, with details around the scale of the disruption and method of infiltration becoming clearer as several investigations progress.

Related Resource

Managing security risk and compliance in a challenging landscape

How key technology partners grow with your organisation

How to manage security risk and compliance - whitepaperDownload now

Although SolarWinds confirmed on 14 December that it had fallen victim to the attack, we’ve since learned that hackers had infiltrated the company as far back as September 2019. There were also at least four separate strains of malware used in the attack, with a fourth discovered by Symantec towards the end of last month. 

What ensued was a cyber-rampage in which hundreds of victims were compromised among the 18,000 suspected as having been infected by the malicious Orion platform update. Attackers even managed to view Microsoft source code as part of their activities.

The US government, meanwhile, has blamed Russia for orchestrating the attack.

“I think from a software engineering perspective, it's probably fair to say that this is the largest and most sophisticated attack the world has ever seen,” Brad Smith continued, adding that attacks are “almost certainly” continuing today.

SolarWinds recently revealed it’s in the process of boosting its cyber security capabilities following the devastating attack, expanding its staff count, techniques as well as internal processes. Security advisor Alex Stamos, who was also recruited by Zoom to quash its security woes last year, will be leading these efforts.

Featured Resources

2021 Thales access management index: Global edition

The challenges of trusted access in a cloud-first world

Free download

Transforming higher education for the digital era

The future is yours

Free download

Building a cloud-native, hybrid-multi cloud infrastructure

Get ready for hybrid-multi cloud databases, AI, and machine learning workloads

Free download

The next biggest shopping destination is the cloud

Know why retail businesses must move to the cloud

Free Download

Recommended

Marsh McLennan reveals its cyber risk analytics center
risk management

Marsh McLennan reveals its cyber risk analytics center

15 Oct 2021
What is cyber warfare?
Security

What is cyber warfare?

15 Oct 2021
£100 contactless payment limit could place shoppers at risk, warn industry experts
Policy & legislation

£100 contactless payment limit could place shoppers at risk, warn industry experts

15 Oct 2021
Hackers used MSHTML exploit a week before patches were ready
zero-day exploit

Hackers used MSHTML exploit a week before patches were ready

14 Oct 2021

Most Popular

Best Linux distros 2021
operating systems

Best Linux distros 2021

11 Oct 2021
Veritas Backup Exec 21.3 review: Covers every angle
backup software

Veritas Backup Exec 21.3 review: Covers every angle

14 Oct 2021
HPE wins networking contract with Birmingham 2022 Commonwealth Games
Network & Internet

HPE wins networking contract with Birmingham 2022 Commonwealth Games

15 Oct 2021