Microsoft Corporation recently revealed in a blog post that the group behind the recent SolarWinds hack was also able to gain access to some of the company’s source code — reports Reuters.
Uncovered right before Christmas, the hack saw a group of digital outlaws piggybacking off SolarWinds’ software to break into the institutions the company provides network management solutions to.
The list of victims includes sensitive U.S. government installations at the local, state, and federal levels, as well as thousands of SolarWinds’ commercial customers. While the hack’s perpetrators are currently unknown, it is speculated that a Russian intelligence agency was behind it.
“The source code is the architectural blueprint of how the software is built,” said Andrew Fife from Cycode, an Israeli firm that deals in source code protection. Basically, if you know how something is built, it becomes much easier to break into it.
While Microsoft was able to confirm that the group did not modify any of the tech giant’s source code or gain “access to production services”, how much source code they accessed and what Microsoft products have been compromised currently remains unknown.
People close to the matter confirmed that Microsoft had known for days that its source code had been compromised, and a Microsoft spokesperson has stated that the company’s security experts are working “around the clock” to uncover the true extent of the damage.