SolarWinds Hackers Previously Tried to Target Cybersecurity Firm but Failed


Hackers responsible for the extensive SolarWinds software breach made an unsuccessful attempt to compromise another cybersecurity firm earlier this year, the company said.

CrowdStrike, a Silicon Valley–based technology company that specializes in threat intelligence and cyberattack response services, described the attempt in a blog post published Wednesday. The post doubled as an announcement for CrowdStrike's new online resource tool, designed to help global organizations identify potential threats to their own systems.

On December 15, Microsoft informed CrowdStrike of suspicious activity and a thwarted effort to access its emails, as details related to this month's SolarWinds hack began to emerge. Microsoft operates a cloud-based management application called Azure that was affected by the SolarWinds bug. While investigating possible security compromises affecting its products and customers, Microsoft's threat intelligence personnel contacted CrowdStrike with information about an attempted breach that took place "several months ago."

A reseller account, created using Azure to manage CrowdStrike's licenses with Microsoft Office, "was observed making abnormal calls to Microsoft cloud APIs during a 17-hour period," the company said in its Monday blog post. An application programming interface, or API, is a software link that connects, and allows interaction between, multiple applications. Microsoft confirmed that CrowdStrike's network ultimately remained secure against the attempted email breach, which it said failed.

"CrowdStrike conducted a thorough review into not only our Azure environment, but all of our infrastructure for the indicators shared by Microsoft," the blog post read. "The information shared by Microsoft reinforced our conclusion that CrowdStrike suffered no impact."

The attempted security breach occurred months before U.S. authorities determined that a wide range of federal agencies, including the Treasury, Homeland Security and Commerce departments, were targeted by a sweeping cybersurveillance attack allegedly carried out by Russian hackers. The breach originated in software developed by Texas-based cybersecurity company SolarWinds and allowed hackers to infiltrate a number of government bureaus and private clients that used it. Officials suggest the breach could have been active for the better part of nine months before its eventual discovery.

Both Secretary of State Mike Pompeo and outgoing Attorney General William Barr believe Russia was responsible for the cyberattack, which officials at the federal Cybersecurity and Infrastructure Security Agency said affected state and local governments in addition to federal agencies. In a tweet last week, President Donald Trump criticized the blaming of Russia, following Pompeo's comments to CNN implicating the Russians in the breach, and suggested "it may be China." Russian officials have denied any involvement.

Newsweek reached out to CrowdStrike and Microsoft for comments but did not receive replies in time for publication.

A "Cyber Security" sign is displayed in the window of a computer store in Arlington, Virginia, on December 18. Hackers responsible for the SolarWinds software breach also attempted to compromise Silicon Valley–based cybersecurity firm CrowdStrike... OLIVIER DOULIERY/Pool/AFP via Getty Images
