Microsoft's security team said today that it has officially closed its investigation into the infringement της SolarWinds και δεν βρήκε στοιχεία που να αποδεικνύουν ότι οι hackers κακοποίησαν τα εσωτερικά της συστήματα ή τα επίσημα προϊόντα της για να επιτεθούν σε τελικούς users and businesses.
The company began investigating the breach in mid-December when it was discovered that Russian hackers had breached SolarWinds and introduced malware into the Orion IT monitoring platform, a product used internally by Microsoft.
Microsoft said that after its shutdown access hackers continued to try to gain access to Microsoft accounts throughout December and until early January 2021, weeks after the attack. revealing SolarWinds breach and after Microsoft made it clear that it was investigating the incident.
"There was no way that all repositories could be accessed by any product or service," the company's security team said today. "There was no access to the vast majority of the source code. "
Microsoft said that intruders appear to have focused on identifying access tokens that could be used to extend their access to other Microsoft systems.
The Redmond-based company said the searches failed because of internal security practices that prevented developers from storing access tokens.
The attackers, however, managed to download the source code of the company. However, Microsoft said the data was not extensive and that the intruders downloaded the source code of only a few items related to some of the cloud-based products.
According to Microsoft, these repositories contained code for:
a small subset of Azure components (subsets of service, security, identity)
a small subset of Intune components
a small subset of Exchange items
Overall, the incident does not appear to have corrupted Microsoft products or led hackers to gain extensive access to user data.
