Microsoft: SolarWinds not attacked via Office 365

There are no indications that software company SolarWinds has been attacked via Office 365 or any other Microsoft product, Microsoft claims. Reports from Reuters that Microsoft's own products have been used by the attackers for further attacks is incorrect, the tech company said.

In the attack on SolarWinds, attackers managed to gain access to the company's development environment and thus create a  backdoor updates for the SolarWinds Orion platform. Through this backdoor, the attackers regained access to all kinds of companies and government agencies. The US Cybersecurity & Infrastructure Security Agency (CISA) reported that the attackers used other attack vectors in addition to the SolarWinds backdoor.

Microsoft confirms that. These include spear phishing, web shells, password spraying and delegated credentials. Microsoft itself says it was not an initial access vector for the SolarWinds attackers. "Data hosted at Microsoft services, including email, was sometimes targeted in these attacks, but the attacker would have already obtained login credentials in a different way," the tech giant said in an update on the incident .

Previous Post Next Post