7

Suspected Russian hackers made failed attempt to breach CrowdStrike

 3 years ago
source link: https://www.cnbc.com/2020/12/24/suspected-russian-hackers-made-failed-attempt-to-breach-crowdstrike.html
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
Tech

Suspected Russian hackers made failed attempt to breach CrowdStrike, company says

Published Thu, Dec 24 20201:08 PM EST
Key Points
  • The suspected Russian hackers blamed for breaking into a series of U.S. government agencies and cybersecurity company FireEye also made a failed attempt to hack into cybersecurity firm CrowdStrike.
  • The company said it was alerted by Microsoft on Dec. 15 that the hackers had tried to read CrowdStrike’s emails using a Microsoft reseller’s account “several months ago.”
  • Up until now, the Texas-based SolarWinds was the only publicly confirmed vector for break-ins, although officials have been warning for days that the hackers had also used other unspecified avenues to subvert their targets.
George Kurtz, co-founder and chief executive officer of Crowdstrike Inc., speaks during the Montgomery Summit in Santa Monica, California.
Patrick T. Fallon | Bloomberg | Getty Images

The suspected Russian hackers blamed for breaking into a series of U.S. government agencies and cybersecurity company FireEye also made a failed attempt to hack into cybersecurity firm CrowdStrike, the Sunnyvale, California-based company said in a blog post.

CrowdStrike said that it was alerted by Microsoft on Dec. 15 that the hackers had tried to read CrowdStrike’s emails using a Microsoft reseller’s account “several months ago.”

CrowdStrike said in its blog post that the attempt failed.

Microsoft did not immediately return a message seeking comment on Thursday. The National Security Agency and the Cybersecurity and Infrastructure Security Agency did not immediately return messages.

The use of a Microsoft reseller to try to break into a top digital defense company raises new questions about how many different venues the hackers have had to infiltrate American networks.

Up until now, the Texas-based SolarWinds was the only publicly confirmed vector for break-ins, although officials have been warning for days that the hackers had also used other unspecified avenues to subvert their targets.

Separately, SolarWinds said on Thursday it had released an update to fix the vulnerabilities in its flagship network management software, Orion, following the discovery of a second set of hackers that targeted the company’s products.

The announcement follows a blog post issued by Microsoft on Friday that said that SolarWinds had its software targeted by a second and unrelated group of hackers in addition to the ones linked to Russia.

The identity of the second set of hackers, or the degree to which they may have successfully broken in anywhere, remains unclear.

Russia has denied having any role in the hacking.

Subscribe to CNBC on YouTube.

VIDEO05:18
‘Shark Tank’ host Robert Herjavec on the SolarWinds cyber hack

report

Recommend

About Joyk


Aggregate valuable and interesting links.
Joyk means Joy of geeK