Technology & Science

Microsoft says hackers got further into its systems than the corporation previously thought

Microsoft said Thursday in a blog post that hackers tied to a massive intrusion of dozens of U.S. government agencies and private companies sneaked further into its systems than previously thought, although the intrusion doesn't appear to have caused any additional harm.

The intrusion of U.S. government agencies doesn't appear to have caused any additional harm, tech giant says

Microsoft said Thursday in a blog post that hackers tied to a massive intrusion of dozens of U.S. government agencies and private companies sneaked further into its systems than previously thought, although the intrusion doesn't appear to have caused any additional harm. (Jeenah Moon/Getty Images)

Microsoft said Thursday in a blog post that hackers tied to a massive intrusion of dozens of U.S. government agencies and private companies sneaked further into its systems than previously thought, although the intrusion doesn't appear to have caused any additional harm.

The company said the hackers were able to view some of the code underlying Microsoft software, but weren't able to change it.

Microsoft played down any risk associated with the additional intrusion, noting that its software development relies on code sharing within the company, a practice called "inner source." Likewise, Microsoft said it doesn't rely on keeping program code secret as a security measure and instead assumes that adversaries have seen its code and uses other defensive measures to frustrate attacks.

The company said it found no evidence of hacker access to customer data and no indication its systems were used to attack others.

The hack began as early as March when malicious code was slipped into updates to SolarWinds software that monitors computer networks. Microsoft helped respond to the breach with cybersecurity firm FireEye, which discovered the hack when the security firm itself was targeted.

Cybersecurity experts and U.S. officials suspect Russia was behind the hack. Microsoft said earlier this month that it identified more than 40 government agencies, think tanks, nongovernmental organizations and IT companies infiltrated by the hackers. Russia has denied that it is to blame.

 

Comments

To encourage thoughtful and respectful conversations, first and last names will appear with each submission to CBC/Radio-Canada's online communities (except in children and youth-oriented communities). Pseudonyms will no longer be permitted.

By submitting a comment, you accept that CBC has the right to reproduce and publish that comment in whole or in part, in any manner CBC chooses. Please note that CBC does not endorse the opinions expressed in comments. Comments on this story are moderated according to our Submission Guidelines. Comments are welcome while open. We reserve the right to close comments at any time.

Become a CBC Member

Join the conversationCreate account

Already have an account?

now