Explorer

Russian Hackers Accessed Executives' Emails In State-Backed Attack: Microsoft

Microsoft added that there was no evidence of hackers having access to production systems, source code, customer environments or AI systems.

Microsoft on Friday accused a Russian-linked hacking group of a cyberattack on its corporate systems. The tech giant said that during the attack, the group named Midnight Blizzard, gained access to a small number of email accounts, including those of senior leadership and employees who work in cybersecurity and legal. In response, Microsoft has said that it will apply current security standards to Microsoft-owned legacy systems and internal business processes despite it being likely to cause disruption to existing business processes. 

As per the blog post of Microsoft, based on preliminary investigation, it concluded that the group was targeting email accounts for information related to Midnight Blizzard itself. The post read, "The attack was not the result of a vulnerability in Microsoft products or services. To date, there is no evidence that the threat actor had any access to customer environments, production systems, source code, or AI systems. We will notify customers if any action is required. This attack does highlight the continued risk posed to all organizations from well-resourced nation-state threat actors like Midnight Blizzard."

The company said that the attack started back in November with the hackers using a 'password spray' attack to infiltrate the systems. Password spray technique typically involves outsiders quickly trying a number of passwords on specific user names in order to breach targeted corporate accounts.

Towards the end, the post read, “We will act immediately to apply our current security standards to Microsoft-owned legacy systems and internal business processes, even when these changes might cause disruption to existing business processes. This will likely cause some level of disruption.”

Midnight Blizzard's Ties With Russia

Midnight Blizzard, also known as 'Nobelium', is a sophisticated nation-state hacking group which the US government has associated with Russia. Earlier, the same group has breached SolarWinds, a US federal contractor, as part of a massive cyber-espionage effort against US federal agencies.

In this case, in addition to the accessed accounts, the attackers also took emails and attached documents. 

Top Headlines

UP Plans Robotics, AI And Deep Tech Push; Noida To Host India's Largest Advanced Manufacturing Hub
UP Plans Robotics, AI And Deep Tech Push; Noida To Host India's Largest Advanced Manufacturing Hub
Will OnePlus Walk Out Of India Amid Oppo Overhaul? What US, Europe Exit Signals
Will OnePlus Walk Out Of India Amid Oppo Overhaul? What US, Europe Exit Signals
Samsung Galaxy Watch 9, Galaxy Watch Ultra 2 All But Confirmed In Latest Teaser
Samsung Galaxy Watch 9, Galaxy Watch Ultra 2 All But Confirmed In Latest Teaser
Samsung Galaxy Z Fold 8 Price In India May Cross Rs 1.8 Lakh, Leaks Point At Dual-Fold Strategy
Samsung Galaxy Z Fold 8 Price In India May Cross Rs 1.8 Lakh, Leaks Point At Dual-Fold Strategy

Videos

Kolkata Update: Airport Security Tightened After Announcement of Namaz at 136-Year-Old Mosque
Sambhal Update: Bulldozer Action Against Alleged Encroachments as Imam Bara and Shrine Demolished
Sambhal Update: Bulldozer Action Begins on Imam Bara and Shrine Over Alleged Illegal Construction
Ayodhya Update: Ram Temple Trust Reviews Staff After Reports of 100 Possible Employee Exits
Jammu Kashmir Update: Doda Tension Rises After Youth Dies in SOG Firing, Security Tightened

Photo Gallery

25°C
New Delhi
Rain: 100mm
Humidity: 97%
Wind: WNW 47km/h
See Today's Weather
powered by
Accu Weather
Embed widget