Russia-linked hackers used Microsoft resellers in massive US cyberattacks: Report

While the US is still determining the extent and true impact of the large-scale cyberattack linked to Russian hackers on American firms and federal agencies, new evidence has reportedly indicated that the cybercriminals hunted their victims to several channels including Microsoft resellers. As per reports, security firm CrowdStrike has suggested that the companies that sell software on Microsoft’s behalf were also used by the hackers to break into the customers of Microsoft’s Office 365 software.

This groundbreaking revelation came after the only identified source for the major cyber attack was from SolarWinds whose updates had reportedly compromised the security. However, resellers are reportedly often entrusted to set up and maintain clients’ software such as the Texas-based company SolarWinds that have been an ideal front for the Russian hackers. As per New York Times report, the founder of a cybersecurity firm, Glenn Chisholm said that the hackers were unable to get into Microsoft 365 directly and therefore targetted the “weakest point” in the supply chain, that were the resellers. 

Read - Biden Vows Strict Response To Large-scale Cyberattack, Says 'can't Let This Go Unanswered'

Read - 'US Treasury Email Accounts Were Compromised' In Cyberattack, Says Key Democrat

CrowdStrike confirmed earlier this week

Just earlier this week, CrowdStrike had reportedly confirmed that it was also a target of the attack. However, in this case, the Russian-linked hackers reportedly did not use SolarWinds but a Microsoft reseller but it was unsuccessful. However, as per the media outlet, CrowdStrike declined for an elaborate comment on the issue.

In one of the latest blows to US President Donald Trump’s administration in its closing days, as many as 12 federal agencies are crippling with a massive cyberattack which is reportedly described as the biggest breach in several years. Triggering speculation of Russian hackers’ involvement, US officials have reportedly said that the hacks have been ongoing for several months allowing the ones who breached the websites to monitor as well as read US’ confidential emails. The US cyber-security firm that had identified the large-scale hacking of country’s several federal agencies has reportedly said that it “genuinely impacted” at least 50 organisations. 

Read - Biden's Response To Cyberattacks By Russia Will Go Beyond 'just Sanctions': Report

Read - Putin Visits Foreign Intelligence Service HQ To 'congratulate' Amid US Cyberattack Row