Microsoft Hit in SolarWinds Hack, But Denies Software Used For More Attacks

Microsoft has denied a report that it was attacked in the recent SolarWinds hacking incident that breached security at several key federal government agencies.

A Thursday report from Reuters claimed that Microsoft was hacked and the company's compromised software was used for additional attacks on others, citing information from anonymous people said to be familiar with the situation. The report did not indicate what Microsoft software was involved or how many of the company's customers may have been affected.

A Microsoft spokesperson told Newsweek the report was erroneous.

"Like other SolarWinds customers, we have been actively looking for indicators of this actor and can confirm that we detected malicious Solar Winds binaries in our environment, which we isolated and removed,. We have not found evidence of access to production services or customer data," a Microsoft spokesperson told Newsweek. "Our investigations, which are ongoing, have found absolutely no indications that our systems were used to attack others."

"We believe the sources for the Reuters report are misinformed or misinterpreting their information," the spokesperson added.

Microsoft SolarWinds Hack
Microsoft was reportedly attacked in the recent SolarWinds hacking incident that breached security at several key federal government agencies. Noam Galai/Getty

Microsoft has taken several steps to safeguard its Windows operating system and block the compromised SolarWinds software in the past few days, according to ZDNet. Yesterday, SolarWinds' compromised Orion app was forced into "quarantine" by Microsoft Defender antivirus software running on Windows computers.

U.S. government agencies that were known targets of the suspected Russian campaign include the Department of Homeland Security, the Treasury Department, the Department of Commerce's National Telecommunications and Information Administration, the National Institutes of Health, the Cybersecurity and Infrastructure Agency and the Department of State.

A Thursday report published by Bloomberg claimed that the Energy Department's National Nuclear Security Administration, responsible for maintaining the country's nuclear stockpile, was breached along with government networks in three unidentified states. The Intercept reported on the same day that the government network of Austin, Texas also was targeted and breached in the attack.

The attack was discovered after cybersecurity company FireEye, which was also hacked, investigated how its own systems were compromised. A "backdoor" in the SolarWinds software was found to be the source of the breach.

Multiple reports suggest that the Russian intelligence-linked hacking group known as APT29, or Cozy Bear, was behind the attacks. The group was also believed to be behind the breach of Democratic National Committee servers that occurred during the 2016 presidential election.

Dmitry Peskov, a spokesperson for Russian President Vladimir Putin, told the Russian state-run news agency TASS that the country was not behind the attacks on Monday.

"I reject these statements, these accusations, once again," Peskov insisted. "Even if it is true there have been some attacks over many months and the Americans managed to do nothing about them, possibly it is wrong to groundlessly blame Russians right away. We have nothing to do with this."