Microsoft Claims Hackers With Alleged Russian Ties Making Fresh Infiltration Attempts
The methods employed by the hackers have evolved, with Microsoft noting a significant increase in password spray attacks
Microsoft late last week revealed that hackers allegedly linked to Russia's foreign intelligence service are making fresh attempts to infiltrate its systems. This renewed effort follows a previous breach in January, reported Reuters, where data pilfered from corporate emails was exploited to gain unauthorised access to Microsoft's infrastructure. The tech giant, whose products are extensively utilised across the US national security establishment, disclosed this alarming information, prompting widespread apprehension among analysts.
Expressing apprehensions regarding the safety of Microsoft's systems and services, analysts have underscored the potential national security risks associated with such breaches. Microsoft has attributed these intrusions to a state-sponsored Russian group identified as Midnight Blizzard, or Nobelium. Despite Microsoft's efforts to mitigate these attacks, concerns persist over the hackers' persistence and the potential ramifications for Microsoft's vast customer base.
Jerome Segura, Principal Threat Researcher at Malwarebytes' Threatdown Labs, commented on the situation on an official Microsoft blog, highlighting the unsettling nature of ongoing attacks despite Microsoft's defensive measures. Segura emphasised the significance of these breaches, particularly the theft of access to source code repositories and internal systems, which could facilitate further exploitation and compromise of software integrity.
Evolving Methods
The methods employed by the hackers have evolved, with Microsoft noting a significant increase in password spray attacks, a tactic where a single password is systematically attempted across multiple accounts until a breach occurs. Adam Meyers, a Senior Vice President at Crowdstrike, expressed deep concern over the sophistication and persistence of the hackers, raising questions about Microsoft's ability to effectively repel such intrusions.
Despite Microsoft's disclosure, the Russian embassy in Washington has yet to respond to inquiries regarding the latest developments, reported Reuters. The gravity of these attacks underscores the ongoing challenges posed by state-sponsored cyber threats, highlighting the need for heightened vigilance and robust cybersecurity measures across all sectors.