Το hacking που διήρκεσε μήνες και επηρέασε τις κυβερνητικές υπηρεσίες των USA και εταιρείες ασφαλείας στον κυβερνοχώρο ήταν “η μεγαλύτερη και πιο εξελιγμένη επίθεση που έχει δει ποτέ ο κόσμος”, δήλωσε ο πρόεδρος της Microsoft και σε αυτή συμμετείχε ένας πολύ μεγάλος αριθμός προγραμματιστών.
The attack, unveiled by security company FireEye and Microsoft in December, may have affected up to 18.000 organizations using Sunburst (or Solorigate) malware through its network management software. SolarWinds Orion.
"In terms of software engineering, I think it's fair to say that this is the biggest and most complex attack the world has ever seen." said Smith on CBSNews 60 Minutes.
Microsoft, which was also breached for failing to notify Orion, commissioned 500 engineers to investigate the attack, Smith said, but the team (most likely Russian-backed) behind the attack had twice as many developers.
"When we analyzed everything we saw at Microsoft, we wondered how many developers worked on these attacks. "And the answer we had was definitely over 1.000," Smith said.
U.S. agencies confirmed to have been affected by the attacks include the US Treasury Department, the Office of Cyber Security and Infrastructure (CISA), the Department of Homeland Security (DHS), the State Department and the US Department of Energy (DOE). .
"While governments have been spying on each other for centuries, recent attackers have used a technique that has jeopardized its supply chain. technologyς για την ευρύτερη οικονομία”, δήλωσε ο Smith μετά την αποκάλυψη των επιθέσεων.
He said it was an attack "on the trust and reliability of its critical infrastructure world, in order to promote the intelligence service of a nation ”.
Smith told CBSNews' 60 Minutes that the intruders initially wrote 4.032 lines of code in Orion, which consists of millions of lines of code.
