Microsoft Says SolarWinds Hackers Viewed Its Source Code

Microsoft has acknowledged that the hackers behind the SolarWinds cyber-attack accessed and viewed source code repositories within the company.

The company had previously disclosed that it, like thousands of other companies, made internal use of the software used in the attack, SolarWinds’ Orion network management software.

The disclosure that hackers viewed its source code is new, however.

Microsoft said in a blog post the attackers gained access to a small number of internal accounts, which they used to view the repositories.

Code access

The company said the source code was not altered as the accounts in question were not authorised to do so.

Microsoft did not indicate which products the repositories pertained to.

It said the hackers did not escalate their attack to access production systems or customer data, or use their access to Microsoft’s systems to stage attacks on the company’s customers around the world.

The company said its investigation is ongoing.

The hacking group in question inserted backdoor code into SolarWinds’ Orion platform in March of 2020 and used this to access the systems of at least half-a-dozen US federal agencies as well as potentially thousands of private firms before the attack was discovered in December.

Some US officials have accused the Russian government of being behind the attack, which Russia denies.

‘Open’ environment

Security experts have said it is likely to take months for organisations to review system logs and determine what data may have been accessed and whether the intruders still have a foothold.

British security sources have said that in the UK, a small number of organisations outside of the public sector appear to have been affected.

SolarWinds issued a fix for the Orion breach shortly after it was discovered in December.

Microsoft downplayed the seriousness of hackers’ access to its source code, saying the security of its products does not depend upon the code’s secrecy.

The company said it employs an “open source-like” development approach allowing the code to be broadly viewed within the company.


“This means we do not rely on the secrecy of source code for the security of products, and our threat models assume that attackers have knowledge of source code. So viewing source code isn’t tied to elevation of risk,” the company said.

Microsoft has emphasised this approach in recent years, particularly following security incidents that led to the leak of the source code of Windows 10, Windows Server 2013 and other products.

However, in the early 2000s the company waged a publicity war against open source software, with then-chief executive Steve Ballmer comparing the open source development model to a “cancer”.

Matthew Broersma

Matt Broersma is a long standing tech freelance, who has worked for Ziff-Davis, ZDnet and other leading publications

Recent Posts

Twitter Confirms ‘Super Follow’ Option, For Paid Content

Money maker. Super follow feature coming soon on Twitter, will allow users to receive tips…

11 hours ago

Windows 10 ‘Sun Valley’ Promises Major Overhaul

OS refresh. Major update to six year old Windows 10 operating system, dubbed Sun Valley,…

14 hours ago

Oxford University Confirms Hack Of Biology Lab Studying Covid-19

NCSC investigates after hackers compromised one of the world’s top biology labs at Oxford University,…

16 hours ago

Consumer Group Which? Targets Qualcomm In Legal Action

Legal action against Qualcomm could result in 29 million UK 4G smartphone owners being entitled…

1 day ago

Google To Change Review Process Of Scientist Work

Executives at troubled Google AI research unit say they are working to retain trust, after…

1 day ago

NHS Challenged Over Data Contract With Palantir

Contract between NHS and data mining firm Palantir now at centre of lawsuit filed by…

2 days ago