In a statement, Microsoft Corp’s President Brad Smith said, the SolarWinds hacking campaign that used the U.S. tech company as a springboard to compromise many U.S. government agencies is “the largest and most sophisticated attack the world has ever seen”.
The hacking campaign, identified in December 2020, was allegedly orchestrated by China and Russia, had piggybacked on software created by U.S. tech company SolarWinds Corp, giving the hackers access to thousands of computers used by U.S. companies and government offices that used SolarWinds Corp’s products.
Following the hack, the hackers gained access to emails at the U.S. Treasury, Commerce departments, Department of Justice and other agencies.
According to cybersecurity experts, it could take months to identify the compromised systems and expel the hackers.
“I think from a software engineering perspective, it’s probably fair to say that this is the largest and most sophisticated attack the world has ever seen,” said Smith during an interview that aired on Sunday on the CBS program “60 Minutes.”
The hacking attack probably compromised up to 18,000 SolarWinds customers that used the company’s Orion network monitoring software.
“When we analyzed everything that we saw at Microsoft, we asked ourselves how many engineers have probably worked on these attacks. And the answer we came to was, well, certainly more than 1,000,” said Smith.
Last months, U.S. intelligence services stated Chinese hackers may have used Russia as an entry point with the aim of collecting intelligence rather than destructive acts.
Russia has denied responsibility for the hacking campaign.