
Microsoft reports state-backed Russian hackers accessed emails of senior leadership team members, ET Telecom


In a blog post on Friday, January 19, 2024, Microsoft reported that state-backed Russian hackers gained unauthorized access to the company’s corporate email system. The breach resulted in the infiltration of the accounts of several members of the company’s leadership team, as well as those of employees working in the cybersecurity and legal departments. The incident marks a significant cybersecurity breach for the technology giant.

According to Microsoft, the hacking operation, attributed to a highly skilled Russian hacking team, commenced in late November and went undetected until January 12, when it was eventually discovered by the company’s security teams. The breach is said to be the work of the same group responsible for the SolarWinds cyber intrusion, which has been associated with Russian state-sponsored entities.

It was disclosed that only “a very small percentage” of Microsoft’s corporate accounts were compromised, with the hackers managing to steal some emails and attached documents. While the company has taken measures to remove the hackers’ access from the affected accounts, it has refrained from providing specific details regarding the senior leadership members whose accounts were breached.

In a regulatory filing made on the same day as the blog post, Microsoft clarified that the breach had not resulted in a material impact on its operations. However, the company acknowledged that it was still evaluating whether the incident may have any material impact on its financial standing.

As per Microsoft’s findings, the Russian hackers gained access to the company’s email system by compromising the credentials of a “legacy” test account through a technique known as “password spraying,” indicating potential vulnerabilities in outdated code. The hackers then leveraged the compromised account’s permissions to access the accounts of senior executives and other employees.
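As an added example (not code from Microsoft or from this article's source), the following Python flags the password-spraying pattern in sign-in logs: one source failing against many accounts with only a few attempts each, plus any successful sign-in from that same source. The log format, thresholds, account names and sample events are all constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sign-in events: (timestamp, source IP, account, outcome).
# IPs come from documentation ranges; account names are made up.
SAMPLE_EVENTS = [
    ("2024-01-01T02:00:05", "203.0.113.7", "alice", "FAIL"),
    ("2024-01-01T02:03:10", "203.0.113.7", "bob", "FAIL"),
    ("2024-01-01T02:06:40", "203.0.113.7", "carol", "FAIL"),
    ("2024-01-01T02:09:15", "203.0.113.7", "dave", "FAIL"),
    ("2024-01-01T02:12:30", "203.0.113.7", "test-legacy", "SUCCESS"),
    # A user mistyping their own password: many failures, but one account.
    ("2024-01-01T09:00:00", "198.51.100.20", "erin", "FAIL"),
    ("2024-01-01T09:00:20", "198.51.100.20", "erin", "FAIL"),
    ("2024-01-01T09:00:45", "198.51.100.20", "erin", "FAIL"),
    ("2024-01-01T09:01:10", "198.51.100.20", "erin", "SUCCESS"),
]

def detect_spray(events, window=timedelta(hours=1), min_accounts=4, max_per_account=2):
    """Return {source: {"targets": set, "footholds": set}} for spray-like sources.

    A source is flagged when, inside one time window, it has failed sign-ins
    against at least `min_accounts` distinct accounts and no more than
    `max_per_account` failures on any single one (staying under lockout limits).
    """
    by_source = defaultdict(list)
    for ts, src, account, outcome in events:
        by_source[src].append((datetime.fromisoformat(ts), account, outcome))

    findings = {}
    for src, rows in by_source.items():
        rows.sort()
        for i, (start, _, _) in enumerate(rows):
            in_window = [r for r in rows[i:] if r[0] - start <= window]
            fails = defaultdict(int)
            for _, account, outcome in in_window:
                if outcome == "FAIL":
                    fails[account] += 1
            if len(fails) >= min_accounts and max(fails.values()) <= max_per_account:
                # A success from the same source in the window is a likely foothold.
                footholds = {a for _, a, o in in_window if o == "SUCCESS"}
                findings[src] = {"targets": set(fails), "footholds": footholds}
                break
    return findings

if __name__ == "__main__":
    for src, f in detect_spray(SAMPLE_EVENTS).items():
        print(src, sorted(f["targets"]), sorted(f["footholds"]))
```

The `footholds` set is the part to triage first: an account that authenticated successfully from a spraying source should have its credentials reset and its permissions reviewed.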

The cybersecurity threat posed by this Russian hacking group, referred to by Microsoft as “Midnight Blizzard” (formerly known as “Nobelium”), has been a longstanding concern for the technology industry. This group has previously been associated with the SolarWinds hack, described by Microsoft as “the most sophisticated nation-state attack in history.”

Microsoft’s latest breach disclosure comes at a time when there is an increased focus on the cybersecurity practices of major technology companies, especially in the wake of the SolarWinds incident and other cyberattacks targeting government agencies and private organizations. The company’s acknowledgment of the breach aligns with a new rule by the U.S. Securities and Exchange Commission which mandates public disclosure of cyber breaches that could negatively impact a company’s business.

While Microsoft has assured that there is no evidence of the threat actor having access to customer environments, production systems, source code, or AI systems, the incident underscores the persistent and evolving nature of cybersecurity threats faced by organizations worldwide. The company has committed to notifying employees whose email accounts were accessed and providing ongoing updates on its investigation into the intrusion.

The breach serves as a reminder of the importance of robust cybersecurity measures for organizations, especially those at the forefront of the technology industry. With the increasing sophistication of cyber threats and the growing geopolitical tensions in the digital domain, companies like Microsoft face ongoing challenges in safeguarding their systems and data from malicious actors. Microsoft’s proactive response to the intrusion, coupled with its commitment to transparency, will be closely watched by industry observers as the company navigates the aftermath of this breach.
