iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Russian state-sponsored hackers have infiltrated the email accounts of several leadership staff at Microsoft as well as cyber security and legal staff, according to the tech giant.
The company said it first detected the attack on 12 January but said that the incident began back in late November last year.
It also added that it identified the threat actor to be a Russian state-sponsored actor called Midnight Blizzard (also known as Nobelium).
“The threat actor used a password spray attack to compromise a legacy non-production test tenant account and gain a foothold, and then used the account’s permissions to access a very small percentage of Microsoft corporate email accounts, including members of our senior leadership team and employees in our cyber security, legal, and other functions, and exfiltrated some emails and attached documents,” said Microsoft in a blog post
Microsoft added that based on its investigations, the group was looking for emails and data relating to itself.
“We are in the process of notifying employees whose email was accessed.
“The attack was not the result of a vulnerability in Microsoft products or services.
“To date, there is no evidence that the threat actor had any access to customer environments, production systems, source code, or AI systems. We will notify customers if any action is required,“ it said.
Following the discovery of the attack, Microsoft activated its incident response team to crack down on the attack and mitigate further damage.
Microsoft said it is providing the update on the incident as part of its Secure Future Initiative, the company’s dedication to advancing cyber security as the future brings more sophisticated attacks and hackers.
The company added that the recent attack has further spurred it on to act quickly and apply its modern cyber security standards to older systems.
“As we said late last year when we announced Secure Future Initiative (SFI), given the reality of threat actors that are resourced and funded by nation states, we are shifting the balance we need to strike between security and business risk – the traditional sort of calculus is simply no longer sufficient,” it said.
“For Microsoft, this incident has highlighted the urgent need to move even faster. We will act immediately to apply our current security standards to Microsoft-owned legacy systems and internal business processes, even when these changes might cause disruption to existing business processes.”
Be the first to hear the latest developments in the cyber industry.
