Microsoft has become the latest victim of the ever-widening SolarWinds-driven cyberattack that has impacted rafts of federal agencies and tech targets. Its president, Brad Smith, warned late Thursday to expect many more victims to come to light as investigations continue.
Adversaries were able to use SolarWinds’ Orion network management platform to infect users with a stealth backdoor called “Sunburst” or “Solorigate,” that opened the way for lateral movement to other parts of a network. It was pushed out via trojanized product updates to almost 18,000 organizations around the globe, starting nine months ago. Once embedded, the attackers have been able to pick and choose which organizations to further penetrate.