Published 20:17 IST, March 8th 2024
Russian state-sponsored hackers able to access internal systems: Microsoft
The hackers have increased the volume of some aspects of the attack tenfold compared to January, Microsoft said
Microsoft said on March 8 that Russian state-sponsored hacking group Midnight Blizzard has gained access to a few of its source code repositories and internal systems.
The admission comes after a hack which was detected by the US-based Big Tech company in January.
The hackers increased the volume of certain aspects of the attack by as much as tenfold in February, compared with the already large volume seen in January 2024, Microsoft said.
Midnight Blizzard is trying to use the different types of secrets it has found that were shared with customers.
The Russia-sponsored attacker, which goes by the name of Midnight Blizzard, or sometimes Cozy Bear, the Dukes, or APT29, last year had carried out a sophisticated attack, embedding malware into SolarWinds’ software.
This was consequently distributed to thousands of the company’s customers, including over eight federal agencies, among them the US Department of Defense, the Department of Homeland Security and the Treasury Department, along with tech and security firms such as Intel, Cisco, and Palo Alto Networks.
“The Microsoft security team detected a nation-state attack on our corporate systems on January 12, 2024, and immediately activated our response process to investigate, disrupt malicious activity, mitigate the attack, and deny the threat actor further access,” Microsoft said in a blog post in January.
The attack, which Microsoft said began in November 2023, used a password spray attack to get into a legacy non-production test tenant account. After gaining a foothold to change the account’s permissions, the hacking group accessed “a very small percentage” of Microsoft corporate email accounts.
These included members of its senior leadership team and employees in Microsoft’s cybersecurity, legal, and other functions.
The hackers exfiltrated some emails and attached documents, Microsoft said, adding that it was also notifying the affected employees.
(With Reuters Inputs)