Microsoft said on Friday that the Russian state-backed hacking group Midnight Blizzard was trying to break into its systems again using information stolen from the tech giant’s corporate emails in January.
The disclosure revealed the continued presence of a hacking group of analysts with ties to Russian intelligence and a focus on infiltrating Microsoft. Microsoft is one of the world’s largest software makers and a major provider of digital services and infrastructure to the U.S. government.
The Russian Embassy in Washington did not immediately respond to a request for comment on Microsoft’s statement. It has yet to respond to Microsoft’s previous statement about the Midnight Blizzard event.
In January, Microsoft said it discovered hackers trying to breach a “small subset” of its corporate email accounts, including members of its senior leadership team and members of cybersecurity, legal and other functions.
The hacking group, also known as Nobelium, appears to be trying to use the data stolen at that time to break into Microsoft systems again, the company said.
“In recent weeks, we have seen evidence that Midnight Blizzard is using information originally leaked from our corporate email systems to gain or attempt to gain unauthorized access,” the company said in a blog post.
The company added that the data includes some of its source code repositories and internal systems. Its share price fell slightly after the news broke.
“It’s clear that Midnight Blizzard is experimenting with different types of secrets it finds,” it added.
“Some of these secrets were shared via email between customers and Microsoft, and when we discovered these secrets in the leaked emails, we have and are reaching out to those customers to help them take mitigation measures.” Microsoft did not disclose Name of affected customer.
It also said hackers have become more aggressive in their targeting, with their use of “password spray” – where attackers use the same password on multiple accounts in the hope of breaking in – increasing tenfold compared to their attacks. January attacks.
Midnight Blizzard likely targeted it because Microsoft’s own robust research revealed how the hacking group operates, the company said in a statement in January. Microsoft’s threat intelligence team has been sharing Nobelium’s research since at least December 2020, when Microsoft published a four-part series. One is titled “How nation-state attackers like NOBELIUM are changing cybersecurity.”
The ongoing attacks against Microsoft demonstrate “an ongoing, significant commitment of resources, coordination and focus by threat actors,” the company said in its latest blog.
“It may use the information gained to accumulate a picture of the attack area and enhance its attack capabilities.”
The company added that there was no evidence that Microsoft’s customer-facing systems were compromised in the hack.
(Except for the headline, this story has not been edited by NDTV staff and is published from a syndicated feed.)
