Microsoft President Brad Smith said that the suspected Russian hacking campaign against the US government focused on more than 40 organizations.
The campaign, which US officials believe is Russian intelligence, began in March at least, but was discovered only last week and has included several federal agencies.
A statement issued by several US agencies revealed that the hacking campaign is still “continuing,” which leaves the door open to the possibility of an increase in the number of institutions that have been hacked and the extent of the damage incurred.
And Microsoft’s statement is the first to provide detailed estimates of the extent of the penetration. Although the company does not have a complete vision of the piracy campaign, it has a special vision thanks to the widespread use of “Windows” and the anti-virus program “Defender” by governments and companies.
In a blog published Thursday evening, the Microsoft chief said that among the more than 40 organizations identified as severely affected, 80 percent were in the United States. Still, there were also victims in Belgium, Canada, Israel, Mexico, Spain, the United Arab Emirates, and the United Kingdom.
The company found that many of the victims are government agencies. Still, companies that contract with the government or think tanks and information and technology companies have also been repeatedly breached.
“Russia has a long history of launching this type of piracy operations targeting American companies and businesses,” Ali Breland, a journalist specializing in technological policy affairs, told Sky News Arabia, “and this process bears clear Russian fingerprints.”
Breeland indicated that Russia “is doing its best to piracy US agencies and institutions, to cause chaos in the United States through the leaks, and its hackers have the technical ability to cause harm.”
The expansion of the piracy campaign is astonishing because it had afflicted a huge group of victims since the start of the attack last March when hackers exploited an update of a program developed by the company “Solar Windows” located in Texas and used by thousands of companies and departments around the world.
For his part, the expert on electronic crises, Jason Maloney, warned of the danger of the breach, and said in an interview with “Sky News Arabia” that “the operation mainly targeted the e-mail systems of institutions, which may cause them great embarrassment, as happened in North Korea’s hacking of mail Sony Corporation. ”
Most of the hacked organizations are still unidentified. Still, three entities have admitted that they have been hacked, namely the US Department of Commerce and Energy and the cybersecurity company “Fire Eye,” which was the first to report the piracy campaign. Several other organizations were reported to have been hacked. But she did not confirm it herself.
A page on the SolarWinds website included more than 100 of its prominent government and commercial clients. Still, the page was deleted on Monday, and none of the listed institutions acknowledged having been hacked.
The expert, Maloney, expressed his hope that “the next US administration will pay more attention to the security of networks, electronic data and infrastructure, and that it will be able to find the identity of the perpetrators.” Russia, North Korea, and China will likely launch more cyberattacks in the United States.
Breland advises companies to take the necessary precautions by “filling possible gaps in their electronic systems, and conducting a careful periodic examination to see if they can be penetrated, and to ensure that they are completely closed to pirates.”