Microsoft: SolarWinds Hackers Viewed Our Source Code

(Microsoft)

(Costfoto/Barcroft Media via Getty Images)

The massive hack on US government systems also included a breach of Microsoft source code, the company announced today.

"We detected unusual activity with a small number of internal accounts and upon review, we discovered one account had been used to view source code in a number of source code repositories," Microsoft said in a statement. "The account did not have permissions to modify any code or engineering systems and our investigation further confirmed no changes were made. These accounts were investigated and remediated."

The company argues that viewing that source code "isn’t tied to elevation of risk" given that Microsoft has "an open source-like culture [and makes] source code viewable within Microsoft. This means we do not rely on the secrecy of source code for the security of products, and our threat models assume that attackers have knowledge of source code."

The news comes two weeks after Redmond acknowledged that it was hit by malicious computer code from the hack. Microsoft is a customer of SolarWinds, the IT provider the hackers exploited to send software updates to numerous US government agencies.

“We have been actively looking for indicators of this actor and can confirm that we detected malicious SolarWinds binaries in our environment, which we isolated and removed,” the company said earlier this month. "The investigation, which is ongoing, has also found no indications that our systems were used to attack others."

In today's update, Microsoft said it "found evidence of attempted activities which were thwarted by our protections, so we want to re-iterate the value of industry best practices...and implementing Privileged Access Workstations (PAW) as part of a strategy to protect privileged accounts." It promised updates as more details from the breach are uncovered.

Secretary of State Mike Pompeo said this month that "we can say pretty clearly that it was the Russians that engaged in this activity," though President Trump has cast doubt on that, aruging that China might be responsible.

President-elect Joe Biden has pushed Trump to reveal more details about the hackers and hold them responsible. "We are still learning about the extent of the SolarWinds hack and the vulnerabilities that have been exposed," Biden said in a Monday speech. "As I said last week — this attack constitutes a grave risk to our national security."

About Our Expert

Chloe Albanesius

Executive Editor, News

My Experience

I started out covering tech policy in DC for The National Journal, where my beat included state-level tech news and all the congressional hearings and FCC meetings I could handle. I later covered Wall Street trading tech before switching gears to consumer tech. I now lead PCMag's news coverage.

My Areas of Expertise

Getting my start in DC means I still have a soft spot for tech policy; Congressional hearings can sometimes be as entertaining as a Bravo reality show, for better or worse. But PCMag is all about the technology we use every day, as well as keeping an eye out for the trends that will shape the industry in the years ahead (or flop on arrival). I've covered the rise of social media, the iOS vs. Android wars, the cord-cutting revolution that's now left us with hefty streaming bills, and the effort to stuff artificial intelligence into every product you could imagine. This job has taken me to CES in Vegas (one too many times), IFA in Berlin, and MWC in Barcelona. I also drove a Tesla 1,000 miles out west as part of our Best Mobile Networks project. Of late, my focus is on our hard-working team of reporters at PCMag, guiding and editing their robust coverage.

Read the latest from Chloe Albanesius

Read full bio