Some 250 federal agencies and business now believed to be affected. The hack targeted US government agencies and private corporations. The New York Times reported the hack may be even worse than officials first realized.
Microsoft has said the hackers compromised SolarWinds’ Orion monitoring and management software, allowing them to’impersonate any of the organization’s existing users and accounts, including highly privileged accounts’.
Early warning sensors that Cyber command and the NSA placed inside foreign networks appear to have failed in this instance. The attack apparently allowed the hackers to evade detection by the Department of Homeland Security.
Microsoft said earlier this week it had discovered its systems were infiltrated’beyond just the presence of malicious SolarWinds code’. The hacked account granting the access did n’t have permission to modify any code or systems.