The alleged Russian hacking operation that has spread through the U.S. government has swept over 40 organisations, Microsoft’s president said Thursday.
The operation, which U.S. officials suspect is the work of Russian intelligence, started at least as early as March, although it was discovered just last week, and has broken through a variety of federal agencies.
This week’s multi-agency statement described it as “ongoing,” leaving open the issue of how many entities have been compromised and how badly they are.
Microsoft’s statement is the first to provide a thorough estimation of the magnitude of the hack. Although the company has no overall awareness of the hacking effort, it has substantial insights through the use of Windows and its antivirus software, Protector, by governments and businesses.
In a blog post Thursday night, the president of the group, Brad Smith, said that 80 per cent of the more than 40 organizations reported as having had a major effect were in the U.S., but there were also victims in Belgium, Canada, Israel, Mexico, Spain, the U.A.E. and the United Kingdom.
While many victims were government departments, businesses that work with governments or think tanks, and information and technology companies have also frequently been affected, Microsoft found.
The scope of the initiative was an open question because it had the potential to infect a large number of victims.
Hackers were able to get into companies by first breaking into SolarWinds, a relatively small technology business in Austin, Texas, which has a range of U.S. government agencies and large businesses as clients.
In a Monday filing with the Securities and Exchange Commission, SolarWinds noted that approximately 33,000 customers are likely to have downloaded the malicious software update, while the actual number of victims is estimated to be “less than 18,000.”
However, analysts and U.S. officials generally claimed that Russia would only commit resources to hacking and secretly stealing information from a more targeted list of organizations.
Dmitri Alperovitch, who co-founded the cyber security company CrowdStrike before becoming president of the Silverado Policy Accelerator, said in a previous interview that the intelligence agency would not be able to completely manipulate the many victims and instead would have to settle the most important targets.
“The good news here is that if you’re looking for a silver liner, there’s no intelligence agency that has enough human power to go after everyone,” Alperovitch said Monday.