SolarWinds criminals narrow follow-up attacks: Microsoft

The cyber criminals who targeted the SolarWinds Orion Platform appear to have limited their follow-up attacks to a relatively small number of IT and government enterprises, according to a blog post from Microsoft President Brad Smith.

Smith wrote that while more than 17,000 customers received the first wave of malware, Microsoft has identified 40 customers that the attackers have targeted more precisely. Of those 40, 44 percent are in IT and 18 percent are in government, including finance and national security.

Microsoft also last week issued posts with steps for customers to protect themselves and consumer guidance on recent cyber attacks, while FS-ISAC issued a brief and spotlight report on the SolarWinds compromise. Additionally, the National Security Agency issued an advisory on malicious actors abusing authentication mechanisms to access cloud resources.

These and other resources are available on ICBA's Cyber and Data Security resources section on the attack.