Microsoft logo on a California building.LUCY NICHOLSON / Reuters
The massive cyberattack that American public organizations and companies have suffered since last spring by allegedly
Russian
hackers
had more consequences on Microsoft, one of the large companies affected, than so far known.
The attackers were able to see part of the source code - the instructions that form the basis for the operation of the programs and web pages - used by the company, although they could not modify any system or have access to customer data, according to a statement. posted Thursday on the company's blog.
As in the rest of the attacked organizations, the
hackers
used the updates of an
internal plumbing
software
for computer systems developed by the Texas company Solarwinds
to enter the systems
.
“We detected unusual activity on a small number of internal accounts and after reviewing them we discovered that one of them had been used to view the source code in various repositories.
The account did not have permission to modify any code or engineering systems and our investigation further confirmed that no changes were made.
These accounts were investigated and repaired, ”the company statement said.
“Our internal investigation has found no evidence of access to production services or customer data.
The investigation, which is ongoing, has also found no evidence that our systems have been used to attack others, ”the company continues.
Initially, Microsoft claimed that its systems had not suffered any breach during the attack.
The company has not clarified how long the infiltration of the
hackers
lasted,
nor has it specified what source code for which specific product they could spy on.
Regarding responsibility for the attack, Microsoft's statement reinforces the idea that it has been sponsored by a foreign power.
"We want to be transparent and share what we are learning while we fight what we believe to be a very sophisticated state actor," he says.
The Russian government, the number one suspect in launching the operation, has categorically denied these accusations, described by the Kremlin as "continuation of blind Russophobia."
The attack has been uncovered three months after Russian President Vladimir Putin proposed to the United States a truce to avoid incidents in cyberspace.
The still US president, Donald Trump, contradicting his own intelligence services, said days ago on Twitter that there could be hidden interests in accusing Russia and suggested the possible responsibility of China.
But Chris, you don't see any activity from China, even though it is a FAR greater threat than Russia, Russia, Russia.
They will both, plus others, be able to interfere in our 2020 Election with our totally vulnerable Unsolicited (Counterfeit?) Ballot Scam.
Check it out!
https://t.co/mH3vrHWvS8
- Donald J. Trump (@realDonaldTrump) September 18, 2020
The scope of the cyber attack is still being assessed.
For more than half a year, the pirates infiltrated at least six US government departments, including Defense, Treasury, State and Energy, as well as many other official agencies and large companies.
The attack was detected when FireEye, a private cybersecurity company sounded the alarm.
You can follow EL PAÍS TECNOLOGÍA RETINA on Facebook, Twitter, Instagram or subscribe here to our Newsletter.