Skip to main content
Tags: hacking | cybersecurity | solarwinds | microsoft | china | russia

Report Alleges Russia Hacked SolarWinds, China Hacked Microsoft Exchange

Report Alleges Russia Hacked SolarWinds, China Hacked Microsoft Exchange
(Suzanne Cordeiro/AFP)

By    |   Thursday, 13 January 2022 05:51 PM EST

A new report from the Government Accountability Office alleges that Russia breached the network management software company SolarWinds in 2020. It also asserts that the Chinese government likely exploited a vulnerability in the Microsoft Exchange Server a year later.

The SolarWinds hack was carried out through a malicious software update that stole the data of tens of thousands of customers two years ago, NPR reported in April 2021.

The new report, however, suggests that the state-sponsored hackers began their infiltration more than a year earlier than initially thought.

''Beginning as early as January 2019, a threat actor breached the computing networks at SolarWinds — a Texas-based network management software company, according to the company's Chief Executive Officer,'' the report read. ''The federal government later confirmed the threat actor to be the Russian Foreign Intelligence Service.''

The hack also allowed the infiltration of the Cybersecurity and Infrastructure Security Agency and stole data on U.S. sanction policy and intelligence inquiries, according to Reuters.

''Since the company's software, SolarWinds Orion, was widely used in the federal government to monitor network activity and manage network devices on federal systems, this incident allowed the threat actor to breach several federal agencies' networks that used the software,'' the report continued.

GAO added that the Microsoft Exchange Server hack, which occurred in 2021, was probably the result of ''malicious cyber actors affiliated with the People's Republic of China's Ministry of State Security.''

''The vulnerabilities initially allowed threat actors to make authenticated connections to Microsoft Exchange Servers from unauthorized external sources,'' the report read.

''Once the threat actor made a connection, the actor then could leverage other vulnerabilities to escalate account privileges and install web shells that enabled the actor to remotely access a Microsoft Exchange Server. This in turn allowed for persistent malicious operations even after the vulnerabilities were patched.''

© 2024 Newsmax. All rights reserved.


Newsfront
A new report from the Government Accountability Office alleges that Russia breached the network management software company SolarWinds in 2020. It also asserts that the Chinese government likely exploited a vulnerability in the Microsoft Exchange Server a year later.
hacking, cybersecurity, solarwinds, microsoft, china, russia
303
2022-51-13
Thursday, 13 January 2022 05:51 PM
Newsmax Media, Inc.

Sign up for Newsmax’s Daily Newsletter

Receive breaking news and original analysis - sent right to your inbox.

(Optional for Local News)
Privacy: We never share your email address.
Join the Newsmax Community
Read and Post Comments
Please review Community Guidelines before posting a comment.
 
TOP

Interest-Based Advertising | Do not sell or share my personal information

Newsmax, Moneynews, Newsmax Health, and Independent. American. are registered trademarks of Newsmax Media, Inc. Newsmax TV, and Newsmax World are trademarks of Newsmax Media, Inc.

NEWSMAX.COM
America's News Page
© Newsmax Media, Inc.
All Rights Reserved
Download the Newsmax App
NEWSMAX.COM
America's News Page
© Newsmax Media, Inc.
All Rights Reserved