Microsoft: SolarWinds attack took more than 1,000 engineers to create

Posted by HSSL Systems Integrator on Feb 19th 2021

You may have missed this extremely interesting bit of data that ZDNet just published. "Microsoft reckons that the huge attack on security vendors and more took the combined power of at least 1,000 engineers to create.

"The months-long hacking campaign that affected US government agencies and cybersecurity vendors was "the largest and most sophisticated attack the world has ever seen," Microsoft president Brad Smith has said, and involved a vast number of developers.

"The attack, disclosed by security firm FireEye and Microsoft in December, may have impacted as many as 18,000 organizations as a result of the Sunburst (or Solorigate) malware planted inside SolarWinds's Orion network management software. "I think from a software engineering perspective, it's probably fair to say that this is the largest and most sophisticated attack the world has ever seen," Smith told CBSNews' 60 Minutes.

"Kevin Mandia, CEO of FireEye, also discussed how the attackers set off an alarm but only after the attackers had successfully enrolled a second smartphone connected to a FireEye employee's account for its two-factor authentication system. Employees need that two-factor code to remotely sign into the company's VPN. "Just like everybody working from home, we have two-factor authentication," said Mandia.

"A code pops up on our phone. We have to type in that code. And then we can log in. A FireEye employee was logging in, but the difference was our security staff looked at the login and we noticed that individual had two phones registered to their name. So our security employee called that person up and we asked, "Hey, did you actually register a second device on our network?" And our employee said, "No. It wasn't, it wasn't me."
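
The review Mandia describes, spotting a login from an account that has more than one phone registered for two-factor authentication, can be run automatically over enrollment and login events. The sketch below is an added example, not code from ZDNet, FireEye or Microsoft; the event types, field names, dates and sample records are all constructed for illustration.

```python
from datetime import datetime, timedelta

# Constructed sample events. Field names are assumptions for this example,
# not the schema of any particular identity provider or VPN product.
EVENTS = [
    {"ts": "2024-01-05T08:00:00", "type": "mfa_enroll", "user": "alice", "device": "phone-1"},
    {"ts": "2024-01-05T08:05:00", "type": "mfa_enroll", "user": "bob", "device": "phone-2"},
    {"ts": "2024-03-10T09:00:00", "type": "mfa_remove", "user": "bob", "device": "phone-2"},
    {"ts": "2024-03-10T09:01:00", "type": "mfa_enroll", "user": "bob", "device": "phone-3"},
    {"ts": "2024-03-12T22:40:00", "type": "mfa_enroll", "user": "alice", "device": "phone-4"},
    {"ts": "2024-03-12T22:45:00", "type": "vpn_login", "user": "alice", "device": "phone-4"},
    {"ts": "2024-03-13T08:30:00", "type": "vpn_login", "user": "bob", "device": "phone-3"},
    {"ts": "2024-03-13T08:31:00", "type": "vpn_login", "user": "alice", "device": "phone-1"},
]

def logins_to_verify(events, recent=timedelta(days=14)):
    """Return VPN logins by accounts that hold more than one enrolled MFA device.

    Each finding notes whether the login used the newest device and whether that
    device was enrolled within `recent`, so analysts know whom to call first.
    """
    enrolled = {}   # user -> {device: enrollment time}
    findings = []
    for ev in sorted(events, key=lambda e: e["ts"]):  # same-format ISO 8601 sorts by time
        ts = datetime.fromisoformat(ev["ts"])
        devices = enrolled.setdefault(ev["user"], {})
        if ev["type"] == "mfa_enroll":
            devices[ev["device"]] = ts
        elif ev["type"] == "mfa_remove":
            devices.pop(ev["device"], None)  # a replaced phone leaves one device
        elif ev["type"] == "vpn_login" and len(devices) > 1:
            newest = max(devices, key=devices.get)
            findings.append({
                "user": ev["user"],
                "login_ts": ev["ts"],
                "device_count": len(devices),
                "newest_device": newest,
                "used_newest": ev["device"] == newest,
                "newly_enrolled": ts - devices[newest] <= recent,
            })
    # Logins made with a newly enrolled extra device go to the top of the queue.
    findings.sort(key=lambda f: (not (f["used_newest"] and f["newly_enrolled"]), f["login_ts"]))
    return findings

if __name__ == "__main__":
    for finding in logins_to_verify(EVENTS):
        print(finding)
```

In the sample data, bob replaces his phone and is never flagged, while both of alice's logins are queued because a second phone was added to her account without the first being removed.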