Microsoft Reveals Ongoing Attempts to Break into Systems
Microsoft revealed on Friday that hackers linked to Russia’s foreign intelligence are attempting to infiltrate its systems again, using data stolen from corporate emails in January to gain new access. This is a cause for concern, particularly regarding the safety of plans and services provided by Microsoft, one of the world’s largest software makers, which offers digital services and infrastructure widely used across the U.S. national security establishment.
Microsoft identified the Russian state-sponsored group responsible for the intrusions as Midnight Blizzard, also known as Nobelium. The breach was initially disclosed in January, revealing that the hackers had targeted corporate email accounts, including those of senior company leaders and functions related to cybersecurity, legal, and more.
Microsoft’s recent statement indicates that Midnight Blizzard is utilizing information obtained from the earlier breach to gain or attempt to gain unauthorized access. The ongoing attack raises concerns about the security of Microsoft’s extensive customer network, and analysts express unease over the fact that the intrusion persists despite Microsoft’s efforts to prevent unauthorized access.
Jerome Segura, Principal Threat Researcher at cybersecurity firm Malwarebytes’ Threatdown Labs, highlighted Microsoft’s significant customer base, making it a predictable target. However, he emphasized the troubling aspect that the attack is still ongoing, suggesting that Microsoft, as a major software vendor, is learning about the situation as it unfolds.
The attacks underscore the aggressiveness of the hackers. The stolen data reportedly included access to source code repositories and internal systems. Microsoft’s ownership of GitHub, a public warehouse for software code, adds another layer of concern regarding the potential exposure of sensitive information.
There has been no response from the Russian embassy in Washington regarding Microsoft’s recent statement. The situation emphasizes the ongoing challenges and risks associated with cybersecurity, significantly when state-sponsored actors are involved, and raises questions about the effectiveness of security measures in place.
Comment Template