Microsoft announced that their source code was accessed as a result of the SolarWinds breach in a statement on December 17.
“The attack is ongoing and is being actively investigated and addressed by cybersecurity teams in the public and private sectors, including Microsoft,” said Microsoft President Brad Smith. “As our teams act as first responders to these attacks, these ongoing investigations reveal an attack that is remarkable for its scope, sophistication and impact.”
Smith noted in the statement that the cyber attack is still ongoing, but the company “has identified and has been working this week to notify more than 40 customers that the attackers targeted more precisely and compromised through additional and sophisticated measures.”
Microsoft asserts that the bad actors were unable to edit the source code, but did not say how many source code repositories were compromised or how long the source code was accessed for.
While many have suggested that Russia and/or Russian actors are responsible for the SolarWinds cyber attack, President Donald Trump has suggested that China may have been involved, as National File reported.
President Trump also said that the cyber attack could have impacted “our ridiculous voting machines” during the 2020 US election, adding that the election was a “corrupted embarrassment for the USA.”
This comes after several days of the mainstream media repeatedly blaming Russia or Russian actors for the devastating attack.
While attention appears to be on the Russians for their supposed involvement in the SolarWinds breach, the company has been under fire for its extensive and questionable ties to Chinese companies. SolarWinds partnered with M.Tech to expand business into China in May 2020. The company had been compromised by as early as March, as National File reported.
The partnership was extended in order to “enable businesses in China—across all vertical industries such as banking, finance, insurance, manufacturing, education, and other commercial sectors—to solve IT challenges and monitor, manage, and secure their applications, servers, data, infrastructure, and networks across on-premises, hybrid, and multi-cloud environments” according to Business Wire.
Along with M.Tech, SolarWinds’ China distribution partners include Westcon Solutions China, Kunlan Solutions (China) Inc, and Beijing KaiYao Co.,Ltd, according to their website.
SolarWinds owners, Silver Lake and Thoma Bravo, who sold hundreds of millions in stock just days before the announcement of the breach, also have connections to China. Silver Lake chairman Ken Hao, who also serves on the SolarWinds board of directors, “led the establishment” of the $75 billion investment firms’ offices in China, as National File reported.
According to his biography on the Silver Lake website, Kenneth Hao “led the establishment of the firm’s offices in China and Japan and led Silver Lake’s investments in Alibaba Group” from 2008-2011.
Silver Lake also notes that “Hao currently serves as a director on the boards” of several companies, including SolarWinds.
SolarWinds board member Seth Boro purchased JD Power from a mysterious Chinese company called XIO Group just months before the breach, as National File reported.
SolarWinds director Seth Boro, a man who was instrumental in starting the private equity firm known as Thoma Bravo, “currently serves on the board of directors of several software and technology service companies in which certain investment funds advised by Thoma Bravo hold an investment,” according to his biography on the SolarWinds website.
In 2019, Thoma Bravo bought JD Power for $1.88 billion from XIO Group, a mysterious Chinese company based in Hong Kong.
“Thoma Bravo has agreed to purchase JD Power, a Delaware-based provider of data analytics and market research for dozens of industries, from China’s XIO Group, with Axios reporting a price of $1.88 billion. XIO bought JD Power for some $1.1 billion in 2016,” Pitchbook reported.
XIO Group acquired JD Power from S&P in 2016 for $1.1 billion. The Wall Street Journal in 2018 reported that the Chinese company had “unclear ownership.”
National File will continue to cover the SolarWinds cyber attack and its devastating implications as the nation awaits DNI John Ratcliffe’s report on foreign interference in the 2020 US election, which was reportedly delayed amid the announcement of the SolarWinds breach due to new intelligence surrounding Chinese operations information.