Sign in

Microsoft says Russian hackers again trying to breach its systems

Microsoft said that the hackers stole the access to source code repositories and internal systems.

Published on: Mar 9, 2024, 09:27:20 IST
Share
Share via
  • facebook
  • twitter
  • linkedin
  • whatsapp
Copy link
  • copy link

Microsoft has said that Russian foreign intelligence-linked hackers again tried to break into its systems, using data stolen from corporate emails in January to access the tech giant whose products are widely used across the national security establishment in the US.

According to a Reuters report, some analysts are concerned about the safety or systems and services at Microsoft. The analysts are worried about national security risks about the alleged role of Nobelium or Midnight Blizzard, a purported Russian state-sponsored group.

ALSO READ: Rajasthan youth held for allegedly selling govt, citizen’s data on dark web

In January this year, Microsoft had disclosed details about the security breach, stating that hackers tried to break into corporate email accounts (Getty Images/ Representational photo)
In January this year, Microsoft had disclosed details about the security breach, stating that hackers tried to break into corporate email accounts (Getty Images/ Representational photo)

In January this year, Microsoft had disclosed details about the security breach, stating that hackers tried to break into corporate email accounts including those of senior company leaders and cybersecurity, legal and other functions.

"In recent weeks, we have seen evidence that Midnight Blizzard is using information initially exfiltrated from our corporate email systems to gain, or attempt to gain, unauthorised access," Microsoft's blog post stated.

Jerome Segura, principal threat researcher at cybersecurity firm Malwarebytes' Threatdown Labs, told Reuters, said that it is not surprising that Microsoft is being targeted, adding that it was ‘unnerving’ that the attack was still underway despite Microsoft's efforts to thwart access.

ALSO READ: Chinese hackers breached immigration data from Indian government: Report

Which data was stolen by Russian hackers?

Microsoft said that the hackers stole the access to source code repositories and internal systems. “This is the kind of thing that we're really worried about.The attacker would want to use (Microsoft's) secrets to get into production environments, and then compromise software and put backdoors and things like that,” Segura said.

According to Microsoft, the hackers had breached the staff emails by using a dormant account via a ‘password spray’ attack i.e using the same password on multiple accounts until they break into one.

"This seems like it's something very targeted, and if (the hackers) are that deep inside Microsoft, and Microsoft hasn't been able to get them out in two months, then there's a huge concern," Adam Meyers, a senior vice president at the cybersecurity firm Crowdstrike, told the agency.

ALSO READ: US to award upto $10mn for info on Hive ransomware hackers; how do they operate?

What is Midnight Blizzard?

Midnight Blizzard or Nobelium targets governments, diplomatic entities and non governmental organisations. In January, Microsoft had said that the hacker group targeted it because the technology giant carried out robust research unravelling Midnight Blizzard's operations.

Microsoft's threat intelligence team has been investigating and sharing research on Nobelium since at least 2021, when the group was found to be behind the SolarWinds cyberattack that compromised a raft of U.S. government agencies.

The persistent attempts to breach Microsoft are a sign of "sustained, significant commitment of the threat actor’s resources, coordination, and focus," the company said on Friday.

  • HT News Desk
    ABOUT THE AUTHOR
    HT News Desk

    Follow the latest breaking news, major developments and agenda-setting stories from India and around the world with the newsdesk at Hindustan Times. Operating round the clock, the desk brings together experienced editors, reporters and correspondents to deliver fast, accurate and contextual reporting across subjects that influence public policy, governance, business, society and international affairs. The HT News Desk covers politics, elections, government policies, the economy, business and markets, science and technology, the environment, law and order, infrastructure, education, climate issues and geopolitics, while closely tracking developments across states, institutions and global capitals. The team also leads coverage of major breaking news events, policy announcements, court proceedings, natural disasters, public emergencies and significant international developments. Reports published by the newsdesk are based on information gathered from reporters on the ground, official statements, government agencies, court records, regulatory filings, recognised institutions and other authoritative sources. Stories undergo editorial scrutiny and verification processes to ensure accuracy, fairness and relevance, and are updated as events evolve and additional information becomes available. Whether covering a key political decision in New Delhi, an economic policy shift affecting millions, a landmark court ruling or a major global event, the HT News Desk aims to provide readers with reliable, fact-based journalism that delivers not only the latest developments but also the context and analysis needed to understand their wider implications.Read More