Microsoft says 80% of identified SolarWinds attack victims are in the US

Microsoft logo
Microsoft logo (Image credit: Daniel Rubino / Windows Central)

What you need to know

  • Microsoft identified over 40 of its customers that have been targeted by the SolarWinds supply chain attack.
  • More than 80 percent of the identified victims were located in the United States.
  • The attack targeted government agencies, security firms, technology firms, government contractors, and more.

Microsoft identified over 40 of its customers that have been targeted by the recent cyberattack that utilized the SolarWinds Orion platform (via ZDNet). Microsoft discovered this information with data from Microsoft Defender. The attacks surfaced last week after security firm FireEye stated that state-sponsored hacking groups used a malware-laced version of SolarWinds Orion, which is a popular network monitor tool for enterprises. SolarWinds shared a press release on the Cyber Attack.

The attacks targeted government agencies and went after security firms, technology firms, government contractors, and more.

SolarWinds explains that the "attack was very sophisticated supply chain attack, which refers to a disruption in a standard process resulting in a compromised result with a goal of being able to attack subsequent users of the software." According to SolarWinds, around 18,000 customers installed trojanized updates.

Microsoft president, Brad Smith, outlines the attack and its far-reaching effects in great detail in a blog post. Smith highlights that "This is not 'espionage as usual,' even in the digital age. Instead, it represents an act of recklessness that created a serious technological vulnerability for the United States and the world."

Microsoft took several steps this week to protect customers, including seizing the web domain that was used to report information to cyberattackers. Microsoft worked with GoDaddy and FireEye to turn the domain into a kill switch to prevent malware from reporting back and downloading a second-stage payload for attacks.

Reuters initially reported that hackers utilized the attacks to access Microsoft's internal network, but Microsoft issued a statement denying that the attacks were able to access production services or customer data:

Like other SolarWinds customers, we have been actively looking for indicators of this actor and can confirm that we detected malicious SolarWinds binaries in our environment, which we isolated and removed. We have not found evidence of access to production services or customer data. Our investigations, which are ongoing, have found absolutely no indications that our systems were used to attack others (emphasis added).

Microsoft Solarwinds Attack Map

Source: Microsoft (Image credit: Source: Microsoft)

Microsoft identified over 40 of its customers targeted by the attack that have been compromised through "additional and sophisticated measures." Microsoft is working to notify these customers. According to Microsoft, roughly 80 percent of the targeted customers are in the United States, but there are also victims in seven other countries; Canada, Mexico, Belgium, Spain, the United Kingdom, Israel, and the UAE. Smith states that "It's certain that the number and location of victims will keep growing."

"We are witnessing an attack by a nation with top-tier offensive capabilities," said FireEye CEO Kevin Mandia in a blog post on the attacks.

Microsoft states that "The attack is ongoing and is being actively investigated and addressed by cybersecurity teams in the public and private sectors, including Microsoft."

CATEGORIES
Sean Endicott
News Writer and apps editor

Sean Endicott is a tech journalist at Windows Central, specializing in Windows, Microsoft software, AI, and PCs. He's covered major launches, from Windows 10 and 11 to the rise of AI tools like ChatGPT. Sean's journey began with the Lumia 740, leading to strong ties with app developers. Outside writing, he coaches American football, utilizing Microsoft services to manage his team. He studied broadcast journalism at Nottingham Trent University and is active on X @SeanEndicott_ and Threads @sean_endicott_. 

Latest in Microsoft
Steve Ballmer and Bill Gates, former CEOs of Microsoft.
Bill Gates says Satya Nadella almost missed the cut for CEO of Microsoft — Even with Steve Ballmer's support
HP Reverb G2 VR headset
Was Windows Mixed Reality as bad as I remember? I look back at the failed VR platform that was ahead of its time.
Microsoft Majorana 1 chip designed for quantum computing
Microsoft dismisses quantum computing skepticism: "There is a century-old scientific process established by the American Physical Society for resolving disputes"
The Microsoft logo on a smartphone and laptop arranged in Crockett, California, US, on Friday, Dec. 29, 2023.
"Would you say there is a reasonable balance between what you contribute to Microsoft and what you get in return?" Two-thirds of Microsoft employees say YES — as AI engineers get preferential compensation packages.
Like a Dragon Pirate Yakuza in Hawaii screenshot
Microsoft blocks (some) Windows 11 pirates while Lenovo steals the show at Mobile World Congress
Satya Nadella with Sam Altman at a conference
Salesforce CEO Marc Benioff's prediction about Microsoft and OpenAI's partnership may have just manifested — and it's not a pretty look for the ChatGPT maker
Latest in News
Screenshot of one of the new flat world presets in Minecraft.
Minecraft testing new flat world presets and a better way to locate your friends in-game
Cover art for Heroes of the Storm.
Xbox Game Pass will give you more benefits in free-to-play games like Heroes of the Storm
Surface Pro 11
Microsoft’s smaller Surface Pro appears in certification database ahead of rumored launch this spring
Artificial intelligence mobile apps for DeepSeek, ChatGPT and Google Gemini arranged.
Google says its latest reasoning model is its "most intelligent" — but Microsoft's CEO claims Google already fumbled its AI opportunity
ChatGPT and Microsoft Logo
ChatGPT’s new image-generation tool is impressive; it can finally create a glass of wine filled to the brim — but it struggles with blank white images and appears to discriminate against 'sexy women'
Microsoft Edge Sidebar
My favorite Microsoft Edge feature just got an AI upgrade — is this the best way to use Copilot on Windows 11?