Think of all the information that these hubs carry and then think about what happened on Christmas morning in Nashville. Not just one intelligence hub was targeted but two, and both have ties to the companies whose data breaches have affected the infrastructure of the United States.
It’s going to take months to kick elite hackers out of the U.S. government networks they have been quietly rifling through since as far back as March in Washington’s worst cyberespionage attack on record.
Experts say there simply are not enough skilled threat-hunting teams to duly identify all the government and private-sector systems that may have been hacked. FireEye, the cybersecurity company that discovered the intrusion into U.S. agencies and was among the victims, has already tallied dozens of casualties.
It is racing to identify more.
The massive state-sponsored espionage campaign that compromised software maker SolarWinds also targeted Microsoft, as the unfolding investigation into the hacking spree reveals the incident may have been far wider in scope, sophistication, and impact than previously thought.
News of Microsoft’s compromise was first reported by Reuters, which also said the company’s own products were then used to strike other victims by leveraging its cloud offerings, citing people familiar with the matter.
At first, Microsoft denied that the threat actor had infiltrated its production systems to stage further attacks against its customers.
Characterizing the hack as “a moment of reckoning,” Microsoft president Brad Smith said the company has notified over 40 customers located in Belgium, Canada, Israel, Mexico, Spain, the UAE, the UK, and the US that were singled out by the attackers. 44% of the victims are in the information technology sector, including software firms, IT services, and equipment providers.