Microsoft details update on Russian-sponsored “ongoing attack”

Microsoft details update on Russian-sponsored “ongoing attack”

Tech Journalist
     

    Microsoft has detailed an update on the ongoing cyber attack it has been subjected to from suspected Russian state-sponsored hackers.

    Using information obtained during a hit last year, the group known as Midnight Blizzard has targeted Microsoft’s internal systems, the tech giant said in an official blog post.

    The company has also shared the latest information with the US Securities and Exchange Commission, in a fresh filing posted on Friday.

    “In recent weeks, we have seen evidence that Midnight Blizzard is using information initially exfiltrated from our corporate email systems to gain, or attempt to gain, unauthorized access,” Microsoft wrote.

    “This has included access to some of the company’s source code repositories and internal systems. To date we have found no evidence that Microsoft-hosted customer-facing systems have been compromised.”

    What was the initial Midnight Blizzard cyber attack on Microsoft?

    In a targeted recon mission, Midnight Blizzard (also known as Nobelium) was able to access a legacy system account using a password-spraying attack.

    Although the malicious activity was discovered on 12 January, it is believed the cyberattack commenced in late November 2023, leaving the American multinational tech giant to play catch-up on the serious incident.

    Now, Microsoft is facing further intrusion with the hackers “ attempting to use secrets of different types it has found,” as the company detailed an increase in the volume of the attacks. It stated password sprays had increased almost 10-fold in February, beyond the significant rate experienced in January this year.

    This is a sophisticated, organized cyber attack that shows no sign of abating, as detailed in the statement.

    “Midnight Blizzard’s ongoing attack is characterized by a sustained, significant commitment of the threat actor’s resources, coordination, and focus. It may be using the information it has obtained to accumulate a picture of areas to attack and enhance its ability to do so.”

    “This reflects what has become more broadly an unprecedented global threat landscape, especially in terms of sophisticated nation-state attacks.”

    Microsoft has insisted it remains committed to the ongoing investigation of Midnight Blizzard’s activities.

    The hacker collective is believed to be working at the behest of Russia’s Foreign Intelligence Service, known by its native initials, SVR.

    Featured image: Pexels

    The post Microsoft details update on Russian-sponsored “ongoing attack” appeared first on ReadWrite.

    ReadWrite

    Graeme Hanna

    Tech Journalist

    Graeme Hanna is a full-time, freelance writer with significant experience in online news as well as content writing. Since January 2021, he has contributed as a football and news writer for several mainstream UK titles including The Glasgow Times, Rangers Review, Manchester Evening News, MyLondon, Give Me Sport, and the Belfast News Letter. Graeme has worked across several briefs including news and feature writing in addition to other significant work experience in professional services. Now a contributing news writer at ReadWrite.com, he is involved with pitching relevant content for publication as well as writing engaging tech news stories.

    (21)