Redmond, Washington – In the latest cyberattack targeting Microsoft Corporation, Russian hackers have breached email accounts belonging to company executives. The group known as Midnight Blizzard, identified by Microsoft as the perpetrator of ongoing cyber attacks, has expanded its reach using information obtained from the initial successful hack.
According to a statement from the Microsoft Security Response Center, Midnight Blizzard has accessed source code repositories and internal systems, although there is no evidence that customer-facing systems hosted by Microsoft have been compromised. The group is utilizing various types of secrets obtained, some shared via email between customers and Microsoft, prompting Microsoft to reach out to affected customers to help them take necessary precautions.
Microsoft has reported the incident to the United States Securities and Exchange Commission. In a blog post, the company revealed that the Midnight Blizzard hackers gained access to email accounts of senior leadership team members, along with cybersecurity, legal, and other personnel. Actions were taken immediately upon discovery of the breach to investigate, disrupt malicious activity, and prevent further access by the threat actors.
The intensification of the attack, particularly in password spraying efforts, has been noted by Microsoft in the month of February. The company expressed astonishment at the level of coordination and resources dedicated by Midnight Blizzard to sustaining the attack, emphasizing the significant commitment made by the threat actor.
Heightened concerns stem from the broader threat landscape, particularly in the realm of sophisticated nation-state attacks. Midnight Blizzard is believed to be backed by the Kremlin, indicative of the support provided to such groups that engage in cyber operations. This incident adds to the growing challenges in cybersecurity worldwide, highlighting the persistent and evolving threat posed by malicious actors.
As the investigation and response to the breach continue, experts remain vigilant in monitoring for any further developments or potential threats from cyber adversaries. The incident serves as a reminder of the ever-present risks in cyberspace and the critical importance of cybersecurity measures to protect against increasingly sophisticated attacks.