Microsoft details update on Russian-sponsored “ongoing attack”

Microsoft has detailed an update on the ongoing cyberattack it has been subjected to by suspected Russian state-sponsored hackers.

Using information obtained during an attack last year, the group known as Midnight Blizzard has targeted Microsoft’s internal systems, the tech giant said in a official blog post.

The company has also shared the latest information with the US Securities and Exchange Commission, in a new published presentation on Friday.

“In recent weeks, we have seen evidence that Midnight Blizzard is using information initially extracted from our corporate email systems to obtain, or attempt to obtain, unauthorized access,” Microsoft wrote.

“This has included access to some of the company’s source code repositories and internal systems. To date we have found no evidence that Microsoft-hosted customer support systems have been compromised.”

What was Midnight Blizzard’s initial cyberattack on Microsoft?

On a targeted reconnaissance mission, Midnight Blizzard (aka Nobelium) was able to access a legacy system account using a password spraying attack.

Although the malicious activity was discovered on January 12, the cyberattack is believed to have started in late November 2023, leaving the American multinational technology giant to catch up on the serious incident.

Now, Microsoft is facing increased intrusion from hackers “trying to use secrets of different types that you have found,” as the company detailed an increase in the volume of attacks. It stated that the spread of passwords had increased almost 10-fold in February, beyond the significant rate experienced in January of this year.

This is a sophisticated and organized cyberattack that shows no signs of slowing down, as detailed in the statement.

“Midnight Blizzard’s ongoing attack is characterized by a significant and sustained commitment of threat actor resources, coordination, and focus. “You may be using the information you have obtained to build up a picture of the areas to attack and improve your ability to do so.”

“This reflects what has become an unprecedented global threat landscape, especially in terms of sophisticated attacks on nation-states.”

Microsoft has insisted that it remains committed to the ongoing investigation into Midnight Blizzard’s activities.

The hacking collective is believed to be working at the behest of Russia’s Foreign Intelligence Service, known by its native initials, SVR.

Cover image: Pexels

We will be happy to hear your thoughts

Leave a reply

Register New Account
Compare items
  • Total (0)
Shopping cart