Microsoft Corporation (MSFT) admitted that it had found malware in its own internal systems similar to the state-sponsored hackers from Russia that allegedly infected Orion software from SolarWinds Corporation (SWI) However, Microsoft claims to have contained and fixed the problem and that, contrary to speculation in initial press reports, its own products and customers were not affected

The Reuters report suggesting a possible impact of the SolarWinds violation on Microsoft customers stated: “It wasn’t immediately clear how many Microsoft users were affected by the polluted [SolarWinds] products” ”

In response to this, Frank X Shaw, corporate vice president of communications at Microsoft, posted the following statement on Twitter: “Like other SolarWinds customers, we have been actively looking for indicators for this actor and can confirm that we have discovered malicious SolarWinds binaries [ie, code] in Our environment that we have isolated and removed We found no evidence of access to manufacturing services or customer data Our ongoing investigations have found absolutely no evidence that our systems have been used to attack others “”

SolarWinds is a major developer and seller of software that large corporations and government agencies use to manage their networks, systems, and information technology infrastructures The violation attributed to state-sponsored Russian hackers affects the Orion platform developed by SolarWinds, which counts many US Federal agencies and Fortune 500 companies, including Microsoft, among their users

Orion’s first compromise was traced back to March 2020, and around May 18th000 customers may have received malicious code Microsoft is reported to be taking a leading role in working together to neutralize the malicious code

Private equity firms Silver Lake and Thoma Bravo reportedly held SolarWinds shares worth 158 million in December USD or 128 million USD sold 7, 2020, six days before news of the violation was published.These companies collectively own approximately 70% of SolarWinds shares and control six directorshipsS. The Securities and Exchange Commission (SEC) is likely to engage in potential illegal insider trading in these companies

In response to the Reuters story that broke after the market closed on December 17, 2020, Microsoft stock saw a slight drop in off-hours trading of just under 1%, however, according to Microsoft spokesman Frank X, much of the lost ground was later on Shaw made his representations

If Microsoft is correct in claiming that its systems have been cleaned and that its customers are not at risk, it shouldn’t have a negative impact. Even so, the situation is fluid and at an early stage

Microsoft President Brad Smith made a detailed statement following the news reports about the SolarWInds hack and its possible impact on Microsoft. Key points include: “The past 12 months have been a turning point year with evolving cybersecurity threats on three eye-opening fronts sustained rise in the determination and sophistication of nation-state attacks the increasing privatization of cybersecurity attacks by a new generation of private corporations, similar to mercenaries of the 21st century Century the interface between cyber attacks and COVID-19 itself “”

Regarding COVID-19, Smith noted: “After a brief hiatus in March, cyberattacks targeted hospitals and health authorities, from local governments to the World Health Organization (WHO) Microsoft security teams identified three nation-state actors targeting seven leading companies directly involved in research into vaccines and treatments for COVID-19 “”

Smith urges, “Put simply, we need a more effective national and global strategy to protect against cyberattacks. First, we must take an important step forward in sharing and analyzing threat intelligence. Second, we must strengthen international rules to override reckless nation-state behavior and ensure that national laws prevent the rise of the cyberattack ecosystem. Finally, we need stronger steps to hold nation states accountable for cyberattacks “”

In November 2020, Microsoft appointed veteran cybersecurity manager Christopher Young to lead business development, and it is possible that this move ushered in a strategic initiative to make Microsoft an even bigger player in cybersecurity, and recent events could make it an even bigger one Make a bid

The Washington Post “Investors in the injured software company SolarWinds traded $ 280 million in shares days before the hack was exposed,” Accessed Dec said 17, 2020

Microsoft Corporation, “A Moment of Reckoning: The Need for a Strong, Global Response to Cyber ​​Security,” Accessed Dec 17, 2020

SolarWinds

World News – CA – Microsoft (MSFT) has removed malware from the SolarWinds (SWI) hack

Source: https://www.investopedia.com/microsoft-msft-removed-malware-from-solarwinds-swi-hack-5092938