But Microsoft president Brad Smith denied his employer had been compromised. "We have no indication of this," he said. Microsoft's communications lead Frank X. Shaw also issued a denial.
Microsoft president Brad Smith says Reuters report is false. "We have no indication of this." Microsoft stands by Sunday statement: "We also want to reassure our customers that we have not identified any Microsoft product or cloud service vulnerabilities in these investigations." https://t.co/B8LeSUrlVv— Nicole Perlroth (@nicoleperlroth) December 18, 2020
Reuters said the Redmond company had been infiltrated through the same software from SolarWinds that has been used to compromise security firm FireEye among others.
The news agency said that the attackers then used Microsoft's own products to spread, but could not put a number on how many agencies or companies were affected.
The attacks on the US nuclear agency were reported by Politico, which said indications of compromise had been found in the networks of the Federal Energy Regulatory Commission, the Sandia and Los Alamos national laboratories in New Mexico and Washington, the NNSA's Office of Secure Transportation and the DoE's Richland Field Office.
"The UCG is intended to unify the individual efforts of these agencies as they focus on their separate responsibilities. This is a developing situation, and while we continue to work to understand the full extent of this campaign, we know this compromise has affected networks within the federal government," the three agencies said.
"As the lead for threat response, the FBI is investigating and gathering intelligence in order to attribute, pursue, and disrupt the responsible threat actors.
"The FBI is engaging with known and suspected victims, and information gained through FBI’s efforts will provide indicators to network defenders and intelligence to our government partners to enable further action."