A Russian-affiliated hacking organization reportedly breached Microsoft’s internal systems, gaining access to a “limited number” of email accounts, including those of senior executives and personnel in the legal and cybersecurity departments. According to the corporation, there will likely be some disruption as it moves quickly to fix outdated systems.
According to a blog post published by the software giant on Friday, the hacking gang does not seem to have gained access to Microsoft servers that host outward-facing products or customers’ systems. Furthermore, Microsoft does not possess any proof that the Midnight Blizzard gang gained access to artificial intelligence or source code.
According to the corporation, “even though these changes might cause disruption to existing business processes, we will act immediately to apply our current security standards to Microsoft-owned legacy systems and internal business processes.” “Some disruption will probably result from this.”
The organization Microsoft identified as the culprit, commonly referred to as “Nobelium,” is a highly skilled nation-state hacking operation that the US government has connected to Russia. As part of a broad cyber-espionage attempt targeting US federal institutions, the same gang previously attacked US federal contractor SolarWinds.
The business said that starting in November, hackers broke into its systems by using a “password spray” attack. The method, which is often referred to as a “brute force attack,” usually entails external parties rapidly attempting several passwords on particular user names with the intention of breaking into targeted company accounts.
Here, the attackers seized not just the accessible accounts but also the emails and documents related to them. Microsoft claimed that employees whose emails were obtained are still being notified by the business, which discovered the hack on January 12.
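As an added example (not from Microsoft or the original article), the sketch below shows how a defender might spot the sign-in pattern described above: one source failing against several user names in a short window, then signing in to one of them. The log format, thresholds, and function names are assumptions, and the log lines are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sign-in events (time, source address, user name, result).
# Addresses are from documentation ranges; the log format is an assumption.
SAMPLE_LOG = """\
2024-01-10T09:00:01Z 203.0.113.7 alice FAIL
2024-01-10T09:00:03Z 203.0.113.7 alice FAIL
2024-01-10T09:00:40Z 203.0.113.7 bob FAIL
2024-01-10T09:00:42Z 203.0.113.7 bob FAIL
2024-01-10T09:01:15Z 198.51.100.20 erin FAIL
2024-01-10T09:01:20Z 203.0.113.7 carol FAIL
2024-01-10T09:01:22Z 203.0.113.7 carol FAIL
2024-01-10T09:01:30Z 198.51.100.20 erin FAIL
2024-01-10T09:01:50Z 198.51.100.20 erin OK
2024-01-10T09:02:05Z 203.0.113.7 dave FAIL
2024-01-10T09:02:07Z 203.0.113.7 dave OK
"""

def parse(line):
    ts, src, user, result = line.split()
    return datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"), src, user, result

def detect_guessing(log, window=timedelta(minutes=10), min_users=4, min_failures=6):
    """Flag sources whose failed sign-ins inside one sliding window reach both
    thresholds, and record accounts the source signs in to after being flagged."""
    recent = defaultdict(deque)   # source -> (time, user) of recent failures
    flagged = {}                  # source -> report
    events = sorted(parse(l) for l in log.splitlines() if l.strip())
    for ts, src, user, result in events:
        if result == "OK":
            if src in flagged:    # success from a source already seen guessing
                flagged[src]["signed_in"].add(user)
            continue
        q = recent[src]
        q.append((ts, user))
        while ts - q[0][0] > window:   # drop failures older than the window
            q.popleft()
        users = {u for _, u in q}
        if len(users) >= min_users and len(q) >= min_failures:
            rep = flagged.setdefault(
                src, {"users": set(), "failures": 0, "signed_in": set()})
            rep["users"] |= users
            rep["failures"] = max(rep["failures"], len(q))
    return flagged

if __name__ == "__main__":
    for src, rep in detect_guessing(SAMPLE_LOG).items():
        print(src, sorted(rep["users"]), rep["failures"], sorted(rep["signed_in"]))
```

The single user who mistypes a password twice (198.51.100.20) stays below the distinct-user threshold, while the account in `signed_in` is the one to reset and review first.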
Government officials are “closely coordinating with Microsoft to gain additional insights into this incident and understand impacts so we can help protect other potential victims,” according to Eric Goldstein, executive assistant director for cybersecurity at the US Cybersecurity and Infrastructure Security Agency.
Hacking campaigns targeting Microsoft technologies have been common.
A 2023 hack against Microsoft Exchange Online, which the firm attributed to hackers with ties to China, is already being examined by the US Cyber Safety Review Board, which answers to the Department of Homeland Security. That breach, which made it possible for senior US officials’ email accounts to be hacked, has raised concerns about cloud computing security. Microsoft announced in September that it had found five distinct flaws in its systems, all of which have since “been corrected.”
In 2023, after the breach, Jen Easterly, the director of the agency in charge of the board, suggested in a Bloomberg interview that Microsoft ought to “recapture the ethos” of what Bill Gates, one of the company’s co-founders, referred to as “trustworthy computing” in 2002, when he told staff members to prioritize security over feature additions.
“We will keep working with them to push them to do that,” Easterly stated of Microsoft, “but I firmly believe they have to concentrate on making sure their products are secure by default and secure by design.”