According to a post from Microsoft on its blog, NOBELIUM, the group behind the SolarWinds attack tried to "gain access to downstream customers of multiple cloud service providers, managed service providers, and other IT services organizations."
Speaking to The New York Times, Tom Burt, Microsoft's vice president of customer security, said the attempted hack is "very large, and it is ongoing." The Times also reports that the hackers seemed to have been backed by Russia's foreign intelligence agency SVR.
In a separate blog post from Microsoft on Sunday, the company says 609 organizations were affected by the attacks.
"This recent activity is another indicator that Russia is trying to gain long-term, systematic access to a variety of points in the technology supply chain and establish a mechanism for surveilling – now or in the future – targets of interest to the Russian government," Burt wrote.