{"id":1808186,"date":"2021-01-01T00:27:00","date_gmt":"2020-12-31T22:27:00","guid":{"rendered":"http:\/\/nhub.news\/?p=1808186"},"modified":"2021-01-01T06:04:16","modified_gmt":"2021-01-01T04:04:16","slug":"microsoft-reveals-solarwinds-hackers-gained-access-to-its-source-code","status":"publish","type":"post","link":"http:\/\/nhub.news\/fr\/2021\/01\/microsoft-reveals-solarwinds-hackers-gained-access-to-its-source-code\/","title":{"rendered":"Microsoft reveals SolarWinds hackers gained access to its source code"},"content":{"rendered":"

Microsoft says viewing its source code doesn\u2019t pose any risk elevation threat, as it already assumes attackers have knowledge of it.<\/b>
\nMicrosoft recently revealed that it found \u201cmalicious binaries\u201d on its systems in the wake of the massive SolarWinds hack which targeted products such as Azure, but the company assured that no user data was compromised. However, it appears that the hackers went deeper into Microsoft\u2019s systems than previously disclosed by the company. In an official blog post, the software giant has today divulged that the group behind the massive cybersecurity incident also got access to Microsoft source code. \u201cWe detected unusual activity with a small number of internal accounts and upon review, we discovered one account had been used to view source code in a number of source code repositories,\u201d the company said. Microsoft, however, assured that these accounts did not have the required privilege to be able to make changes to the source code, something that would have been catastrophic had it actually happened. \u201cThese accounts were investigated and remediated,\u201d Microsoft adds. The company also noted that viewing its source code doesn\u2019t pose any risk elevation threat, as the company is not dependent on how well the source code is protected for product security and that it already assumes that \u201cattackers have knowledge of source code.\u201d While Microsoft\u2019s assurance might come as a sigh of relief, it also serves as a clear sign of how far-reaching the SolarWinds attack was which affected companies such as Intel, Nvidia, and VMWare to name a few. Even though Microsoft has downplayed the risks, accessing the source code is no small thing in the world of cybersecurity. After all, it is the building block and a fundamental component of a program (or software), and having access to it makes it much easier to launch attacks. Microsoft President Brad Smith recently called the attack \u2018a moment of reckoning\u2019 and noted that it should serve as a catalyst for more effective collaboration between tech companies and the government to launch a stronger and more coordinated global cybersecurity response.<\/p>\n