Microsoft said Thursday that it found malicious software in its system, the same day the Department of Energy confirmed it was breached as part of a wide-ranging cyberattack.
A growing list of companies and government agencies are acknowledging being victims in a hack of SolarWinds Orion network.
The network was hacked through malware, or malicious software, according to cybersecurity experts.
“Like other SolarWinds customers, we have been actively looking for indicators of this actor and can confirm that we detected malicious Solar Winds binaries in our environment, which we isolated and removed,” Microsoft said in a statement.
Microsoft declined to comment further.
The company said earlier this week that it was “monitoring a dynamic threat environment surrounding the discovery of a sophisticated attack that included compromised binaries from a legitimate software.”
Microsoft on Sunday sent detections that alerted customers to the presence of the malicious binaries and urged customers to consider any device with the binary as compromised.
The National Security Agency said in a cybersecurity advisory earlier Thursday that hackers could gain access to cloud services like Microsoft Office 365, and use that access to monitor or exfiltrate emails and documents.
The actor or actors behind the hack haven’t been determined, but cybersecurity experts say they have significant backing and stellar capabilities.
SolarWinds approximately 300,000 customers include government agencies and all five branches of the U.S. military, according to a partial customer listing it has since taken offline.
“One of the initial access vectors for this activity is a supply chain compromise of the following SolarWinds Orion products. CISA has evidence of additional initial access vectors, other than the SolarWinds Orion platform; however, these are still being investigated,” the Cybersecurity and Infrastructure Security Agency (CISA) said in a statement.
“At this point, the investigation has found that the malware has been isolated to business networks only, and has not impacted the mission essential national security functions of the Department, including the National Nuclear Security Administration,” a spokeswoman said in an emailed statement.
The administration is responsible for maintaining the U.S. nuclear weapons stockpile.
A Department of Commerce spokesperson previously told The Epoch Times that the agency was affected by the Orion malware.
Lawmakers, meanwhile, are pushing to learn more about the breach.
