SolarWinds hackers accessed Microsoft source code
The firm doesn't consider this as an elevation of risk due to its open source development best practices


The cyber criminals that compromised SolarWinds in a sophisticated supply chain cyber attack broke into Microsoft and accessed the company’s source code as the list of confirmed victims expands beyond 250.
Microsoft confirmed that the attackers, linked by US authorities to the Russian state, accessed source code repositories as part of the attack, but didn’t alter the codebase at the heart of the firm’s core products and services. They did so through an internal account that had permissions to view, but not edit, these repositories.
The company has suggested, however, that viewing access to source code isn’t tied to an elevation of risk due to the firm’s use of open source development best practices, which allows source code to be viewable by employees.
The scariest security horror stories of 2020 The top 12 password-cracking techniques used by hackers SolarWinds falls victim to "highly sophisticated" cyber attack
It was previously reported by Reuters that the hackers had compromised Microsoft as part of its efforts to load SolarWinds’ Orion security platform with malware, although the company denied that its own software was, in turn, used to attack others.
This is despite a Securities and Exchange Commission (SEC) filing revealing that Microsoft Office 365 accounts of SolarWinds employees were broken into. SolarWinds suggested, according to this document, that it was aware of an attack vector used to compromise the company’s emails, with this intrusion also granting attackers access to other data contained in its Microsoft-developed productivity suite.
The news comes as the list of confirmed victims of the gigantic hack continues to expand, with more than 250 US government agencies and businesses having been compromised, according to the New York Times.
Although hackers effectively gained access to the networks of 18,000 SolarWinds public sector and business customers when they compromised the Orion security platform, probes were thought to have been sent to only a few dozen. This figure of 250, which the publication ascertained through multiple interviews, represents a much broader pool of potential victims.
Get the ITPro daily newsletter
Sign up today and you will receive a free copy of our Future Focus 2025 report - the leading guidance on AI, cybersecurity and other IT challenges as per 700+ senior executives
The monster hack first emerged last month after FireEye disclosed that it had been compromised by foreign hackers, who made off with advanced penetration tools. Only afterwards did the US Cybersecurity and Infrastructure Security Agency (CISA), as well as Microsoft, warn of a supply chain attack involving SolarWinds.
In the immediate aftermath of the revelations, Microsoft went so far as to block its customers from accessing malicious SolarWinds binaries for the compromised Orion platform. The company had previously released detections alerting users to the presence of these binaries, with a recommendation to isolate and investigate flagged devices.

Keumars Afifi-Sabet is a writer and editor that specialises in public sector, cyber security, and cloud computing. He first joined ITPro as a staff writer in April 2018 and eventually became its Features Editor. Although a regular contributor to other tech sites in the past, these days you will find Keumars on LiveScience, where he runs its Technology section.
-
RSAC Conference 2025: The front line of cyber innovation
ITPro Podcast Ransomware, quantum computing, and an unsurprising focus on AI were highlights of this year's event
-
Anthropic CEO Dario Amodei thinks we're burying our heads in the sand on AI job losses
News With AI set to hit entry-level jobs especially, some industry execs say clear warning signs are being ignored
-
"Thinly spread": Questions raised over UK government’s latest cyber funding scheme
The funding will go towards bolstering cyber skills, though some industry experts have questioned the size of the price tag
-
Modern enterprise cybersecurity
whitepaper Cultivating resilience with reduced detection and response times
-
IDC InfoBrief: How CIOs can achieve the promised benefits of sustainability
whitepaper CIOs are facing two conflicting strategic imperatives
-
The complete guide to the NIST cybersecurity framework
Whitepaper Find out how the NIST Cybersecurity framework is evolving
-
Are you prepared for the next attack? The state of application security in 2024
Webinar Aligning to NIS2 cybersecurity risk-management obligations in the EU
-
The economics of penetration testing for web application security
whitepaper Get the most value from your security solution
-
How to extend zero trust to your cloud workloads
Whitepaper Implement zero trust-based security across your entire ecosystem
-
Four requirements for a zero trust branch
Whitepaper Effectively navigate the complex and ever-changing demands of security and network connectivity