Microsoft: ‘More than 1,000 engineers’ executed SolarWinds attack

The company's president Brad Smith says the ongoing hack is the 'largest and most sophisticated the world has ever seen'

A group of hackers behind the Russian flag

The infamous SolarWinds supply chain attack that infected the networks of up to 18,000 government and private organisations was the most sophisticated ever recorded in history, Microsoft’s president Brad Smith has claimed.

In its in-depth analysis of the attack following its disclosure, Microsoft has identified that more than 1,000 engineers were involved in executing the attacks in full, according to Smith in conversation with CBS News.

The firm has assigned 500 engineers itself to investigate the attack, with one of these individuals comparing it to a Rembrandt painting with more details emerging the closer they looked at it, he added.

“SolarWinds Orion is one of the most ubiquitous software products you probably never heard of, but to thousands of IT departments worldwide, it's indispensable,” Smith told CBS News’ 60 Minutes.

"It's made up of millions of lines of computer code. 4,032 of them were clandestinely re-written and distributed to customers in a routine update, opening up a secret backdoor to the 18,000 infected networks. 

“When we analysed everything that we saw at Microsoft, we asked ourselves how many engineers have probably worked on these attacks. And the answer we came to was, well, certainly more than 1,000.”

A drip-feed of information has emerged since the attack was first made public towards the end of 2020, with details around the scale of the disruption and method of infiltration becoming clearer as several investigations progress.

Related Resource

Managing security risk and compliance in a challenging landscape

How key technology partners grow with your organisation

Download now

Although SolarWinds confirmed on 14 December that it had fallen victim to the attack, we’ve since learned that hackers had infiltrated the company as far back as September 2019. There were also at least four separate strains of malware used in the attack, with a fourth discovered by Symantec towards the end of last month. 

What ensued was a cyber-rampage in which hundreds of victims were compromised among the 18,000 suspected as having been infected by the malicious Orion platform update. Attackers even managed to view Microsoft source code as part of their activities.

The US government, meanwhile, has blamed Russia for orchestrating the attack.

“I think from a software engineering perspective, it's probably fair to say that this is the largest and most sophisticated attack the world has ever seen,” Brad Smith continued, adding that attacks are “almost certainly” continuing today.

SolarWinds recently revealed it’s in the process of boosting its cyber security capabilities following the devastating attack, expanding its staff count, techniques as well as internal processes. Security advisor Alex Stamos, who was also recruited by Zoom to quash its security woes last year, will be leading these efforts.

Featured Resources

Security analytics for your multi-cloud deployments

IBM Security QRadar SIEM solution brief

Download now

Five reasons to move to the cloud

Join the enterprises moving their workloads to the cloud

Download now

Architecting hybrid IT and edge for digital advantage

Why business leaders should consider a hybrid IT strategy

Download now

Six reasons to accelerate remote asset monitoring with AI

How to optimise resources, increase productivity, and grow profit margins with AI

Download now

Recommended

What is cyber warfare?
Security

What is cyber warfare?

22 Sep 2020
CISA warns of ongoing Accellion File Transfer Appliance attacks
hacking

CISA warns of ongoing Accellion File Transfer Appliance attacks

25 Feb 2021
What is a Trojan?
Security

What is a Trojan?

25 Feb 2021
FedEx and DHL phishing emails target Microsoft users
phishing

FedEx and DHL phishing emails target Microsoft users

24 Feb 2021

Most Popular

Mysterious Silver Sparrow malware hits 30,000 macOS devices
malware

Mysterious Silver Sparrow malware hits 30,000 macOS devices

22 Feb 2021
IBM reportedly mulls sale of Watson Health business
mergers and acquisitions

IBM reportedly mulls sale of Watson Health business

22 Feb 2021
New monitors for an agile new normal
Sponsored

New monitors for an agile new normal

19 Feb 2021