
CrowdStrike confirmed Wednesday that it was also a target of the attack. In CrowdStrike’s case, the Russians did not use SolarWinds but a Microsoft reseller, and the attack was unsuccessful. A CrowdStrike spokeswoman, Ilina Dimitrova, declined to elaborate beyond a company blog post describing the attempted attack. The approach is not unlike the 2013 attack on Target in which hackers got in through the retailer’s heating and cooling vendor. The latest Russian attacks, which are thought to have begun last spring, have exposed a substantial blind spot in the software supply chain. Companies can track phishing attacks and malware all they want, but as long as they are blindly trusting vendors and cloud services like Microsoft, Salesforce Google’s G-Suite, Zoom, Slack, SolarWinds and others — and giving them broad access to employee email and corporate networks — they will never be secure, cybersecurity experts say. “These cloud services create a web of interconnections and opportunity for the attacker,” Mr. Chisholm said. “What we are witnessing now is a new wave of modern attacks against these modern cloud platforms, and we need 2021 defenses.” Some reports have confused the latest development with a breach of Microsoft itself. But the company said it stood by its statement last week that it was not hacked, nor was it used to attack customers.