Published 13:56 IST, December 25th 2020
Russia-linked hackers used Microsoft resellers in massive US cyberattacks: Report
In the major US cyberattack linked to Russian hackers, new evidence has reportedly indicated that several channels including Microsoft resellers were used.
While the US is still determining the extent and true impact of the large-scale cyberattack linked to Russian hackers on American firms and federal agencies, new evidence has reportedly indicated that the cybercriminals hunted their victims to several channels including Microsoft resellers. As per reports, security firm CrowdStrike has suggested that the companies that sell software on Microsoftās behalf were also used by the hackers to break into the customers of Microsoftās Office 365 software.
This groundbreaking revelation came after the only identified source for the major cyber attack was from SolarWinds whose updates had reportedly compromised the security. However, resellers are reportedly often entrusted to set up and maintain clientsā software such as the Texas-based company SolarWinds that have been an ideal front for the Russian hackers. As per New York Times report, the founder of a cybersecurity firm, Glenn Chisholm said that the hackers were unable to get into Microsoft 365 directly and therefore targetted the āweakest pointā in the supply chain, that were the resellers.
CrowdStrike confirmed earlier this week
Just earlier this week, CrowdStrike had reportedly confirmed that it was also a target of the attack. However, in this case, the Russian-linked hackers reportedly did not use SolarWinds but a Microsoft reseller but it was unsuccessful. However, as per the media outlet, CrowdStrike declined for an elaborate comment on the issue.
In one of the latest blows to US President Donald Trumpās administration in its closing days, as many as 12 federal agencies are crippling with a massive cyberattack which is reportedly described as the biggest breach in several years. Triggering speculation of Russian hackersā involvement, US officials have reportedly said that the hacks have been ongoing for several months allowing the ones who breached the websites to monitor as well as read USā confidential emails. The US cyber-security firm that had identified the large-scale hacking of countryās several federal agencies has reportedly said that it āgenuinely impactedā at least 50 organisations.
Updated 13:54 IST, December 25th 2020