Hackers viewed Microsoft source code in the Solorigate Incident aka the SolarWinds God-Mode hack


Microsoft (NASDAQ: MSFT) revealed on New Year’s Eve that the company’s source code had been viewed by the same hackers that breached SolarWinds to get into the networks of U.S. government agencies and cybersecurity firms. 

In a blog post on December 17, Microsoft disclosed that it had been using SolarWinds Orion, which was compromised the “God-Mode,” giving hackers a window into thousands of private sector and governmental entities.

On December 31,  Microsoft confirmed for the first time that attackers exploited its core vulnerability to view its source code.

Signup for the USA Herald exclusive Newsletter

A source code is the basic building block of any digital program. The code is the instruction that programmers and coders write to make up an app. 

Microsoft investigating Solorigate Incident

Although no  Microsoft services or customer data appeared to be impacted, the tech giant said its investigation showed that attackers viewed the code since they had access to Microsoft systems through SolarWinds. They refer to the hack as the Solorigate incident.

“We detected unusual activity with a small number of internal accounts and upon review, we discovered one account had been used to view source code in a number of source code repositories,” Microsoft reported. “The account did not have permissions to modify any code or engineering systems and our investigation further confirmed no changes were made. These accounts were investigated and remediated.”

Microsoft has identified over 40 public and private organizations targeted in massive cybersecurity intrusion.

The disclosure highlights the broad reach of the attackers, which Microsoft investigators describe as  “a very sophisticated nation-state actor.” They also suggest that the hackers were well-resourced. And corporate espionage may have been, as much a motive, as a breach of secret government data.

Microsoft says services protected

Former National Security Agency official, Mike Chapple is now an information technology professor at the University of Notre Dame. He commented that “Cybersecurity professionals now need to be concerned that this information falling into the wrong hands might create the next SolarWinds-level vulnerability in a Microsoft product.”

Microsoft said its cybersecurity starts with the assumption that hackers may already have access to the company’s source code. The tech giant added additional layers of security to protect its services.

“We do not rely on the secrecy of source code for the security of products, and our threat models assume that attackers have knowledge of source code,” the company said. “So viewing source code isn’t tied to an elevation of risk.”


Have a story you want USA Herald to cover? Submit a tip here and if we think it’s newsworthy, we’ll follow up on it.

Want to contribute a story? We also accept article submissions – check out our writer’s guidelines here.