The hacking that lasted months and affected US government agencies and Companies The cyber security breach was "the largest and most sophisticated attack the world has ever seen," Microsoft's president said, and involved a very large number of developers.
The attack, unveiled by security company FireEye and Microsoft in December, may have affected up to 18.000 organizations using Sunburst (or Solorigate) malware through its network management software. SolarWinds Orion.
“I think from her point of view engineeringsoftware, it's probably fair to say that this is the biggest and most sophisticated attack the world has ever seen." said Smith on CBSNews 60 Minutes.
Microsoft, which was also breached for failing to notify Orion, commissioned 500 engineers to investigate the attack, Smith said, but the team (most likely Russian-backed) behind the attack had twice as many developers.
"When we analyzed everything we saw at Microsoft, we wondered how many developers worked on these attacks. "And the answer we had was definitely over 1.000," Smith said.
U.S. agencies confirmed to have been affected by the attacks include the US Treasury Department, the Office of Cyber Security and Infrastructure (CISA), the Department of Homeland Security (DHS), the State Department and the US Department of Energy (DOE). .
"While governments have been spying on each other for centuries, recent attackers have used a technique that has jeopardized its supply chain. technologys for the broader economy," Smith said after the attacks were revealed.
He said it was an attack "on the confidence and credibility of the world's critical infrastructure to promote a nation's intelligence service".
Smith told CBSNews' 60 Minutes that the hackers wrote 4.032 lines from scratch code in Orion, which consists of millions of lines of code.