Washington, Dec 31 (EFE News) .- The software giant Microsoft revealed this Thursday that the recent massive cyberattack that the federal government attributes to Russian hackers penetrated deeper into its system than it believed, and exposed at least part of its source code.
In a message published on its blog, Microsoft stressed that the hackers were unable to make any changes to its source code, but acknowledged that they had access to it, without clarifying for how long or to which programs the impacted files corresponded.
“We detected unusual activity on a small number of internal accounts, and upon review, we discovered that an account (of an employee) had been used to view source code in a series of source code repositories,” Microsoft said.
The multinational stated that this fact does not necessarily imply “a high risk” for the security of the company’s programs, because its system “assumes that attackers can know the source code” of the products and does not need it to be secret.
In addition, Microsoft stressed that its investigation of the cyber attack has not found any evidence that hackers accessed consumer data, or that they used their systems to attack others.
However, his announcement is a new example of the seriousness of the massive cyber attack, which has affected customers for months through a popular program of the US technology company SolarWinds.
That program, called Orion, is used to monitor computer networks by both the government and hundreds of large companies, as well as companies that monitor critical infrastructure, such as the US power grid.
The federal government has held Russia responsible for the attack and has recognized that those responsible have compromised “crucial infrastructures” in the country, after entering the systems of the Treasury, State, Commerce and National Security departments, among others.
The cyberattack could have started in October 2019 and could still be active, according to US authorities, who consider it “extremely difficult” to fully restore security to the affected systems.
President-elect Joe Biden has promised to retaliate “substantial” for the cyber attack once he comes to power on January 20, although he has avoided directly attributing the attack to Russia for now, arguing that he is the outgoing president, Donald Trump, who must establish who the author was.
Secretary of State Mike Pompeo this month accused Russia of being behind the cyber attack, but Trump himself has avoided doing the same and even raised the possibility that it was China, something that US intelligence agencies do not believe.
The Kremlin has denied any involvement in the cyber attacks.
– .
