The head of Microsoft said on Thursday that the Russian hacking campaign torn up by the US government had zeroed in on more than 40 organizations.
The campaign, which US officials believe is the work of Russian intelligence, began at least early on March, Which was only discovered last week, and has been broken into several federal systems.
A multi-company report this week described it as “Is going on, ”Opens the question of how many companies were compromised and how bad they were.
Microsoft was the first company to provide a comprehensive estimate of how widespread the hack is. While the company does not have total visibility in the hacking campaign, it does have significant insights into the use of Windows and its antivirus software, Defender, by governments and companies.
A Website As of Thursday evening, Brad Smith, the company’s chairman, had identified more than 40 organizations that had been significantly affected, with 80 percent in the United States, but also in Belgium, Canada, Israel, Mexico, Spain, the United Arab Emirates and the United Kingdom.
Although many victims are government agencies, companies that contract with governments or think tanks and information and technology companies are often the victims, Microsoft found.
The breadth of the campaign is an open question because it had the potential to affect a wide range of victims.
Hackers were able to get into companies First entered the Solar Winds, A relatively obscure technology company in Austin, Texas, which considers many U.S. government agencies and large corporations as clients. In March, hackers were able to send poisonous software updates to all Solar Winds customers who used versions of its popular Orion operating system, which set foot on victims’ systems.
A Filed Monday With the Securities and Exchange Commission, Solar Winds noted that about 33,000 customers may have downloaded the malicious software update, although the actual number of victims is estimated to be “less than 18,000”.
However, experts and US officials widely relied on Russia to allocate resources only for hacking and stealing information from the list of the most targeted organizations.
In an earlier interview with Dmitry Alberovich, co-founder of the cybersecurity firm Credstrike and head of the Silverdo Policy Accelerator, he said that the intelligence agency could not fully exploit many victims and instead address more valuable targets. .
“The good news here is, if you want to search for a silver lining, no intelligence system has enough manpower to go behind everyone.” Alberovich said Monday.
“It simply came to our notice then. The bad news is, they had the best nine months to do cherry-pick. ”
Most of the hacked systems have not yet been identified. Three key targets have been identified as being affected: the U.S. Department of Commerce and Energy and cybersecurity firm FireE, which first reported. Several companies have been declared victims, but have not come forward to confirm.
Solar Winds is a maintained List Of the more than 100 major government and business clients on its website, it deleted the page on Monday. None of those organizations have been admitted to have been hacked, although many of them said they were still investigating or did not respond to requests for comment.
Rich Cordella and Ken Dylanian Contributed.