In the aftermath of the US government data breach this month that impacted the US Treasury Department, the National Telecommunications and Information Administration and the Department of Commerce, Microsoft's President Brad Smith wrote in a blog post that more such hacks were likely in the offing, with countries like Russia developing unprecedented sophistication in their attacks. "We should all be prepared for stories about additional victims in the public sector and other enterprises and organizations," Smith said. "While governments have spied on each other for centuries, the recent attackers used a technique that has put at risk the technology supply chain for the broader economy. As SolarWinds has reported, the attackers installed their malware into an upgrade of the company’s Orion product that may have been installed by more than 17,000 customers," Smith added. It appears that some victims of the hack have been identified from India, though Smith didn't explicitly say so in his post. A heatmap showing the extent of the cyberattack outside Russia — where no victims appear to have been identified — appears to indicate that systems roughly around Madhya Pradesh and Uttar Pradesh have been compromised. Note: We are not republishing the map because it contains a version of Indian borders that reflect the extent of its control, and not that of its claim. "The initial list of victims includes not only government agencies, but security and other technology firms as well as non-governmental organizations," Smith said. Significantly, a suite of attack tools gathered and used…
