Advertisement

Microsoft's senior executives targeted in Russian hackers' password spray attack

L: The logo of the international hardware and software developer Microsoft can be seen on the facade of an office building.
R: Cyber attack, system breaking, and malware concept. - stock photo.
L: The logo of the international hardware and software developer Microsoft can be seen on the facade of an office building. R: Cyber attack, system breaking, and malware concept. - stock photo.picture alliance/boonchai wedmakawand (Getty Images)
  • Russian state-backed hackers have been targeting Microsoft systems.

  • The hackers infiltrated a small percentage of Microsoft's corporate email accounts.

  • Microsoft has enhanced security and its investigation is coordinating with federal law enforcement.

Russian state-backed hackers have been targeting Microsoft systems, the company announced in a blog update.

The company detected unauthorized activity from the group beginning in late November 2023. In February, the Russian state-sponsored actor ramped up its attacks tenfold from January when a "large volume" of cybersecurity issues emerged.

Members of Microsoft's senior leadership team and employees in cybersecurity, legal, and other functions were among the people whose email accounts were infiltrated, said a company filing with the SEC.

The blog said a Microsoft Threat Intelligence investigation identified the culprit as Midnight Blizzard on Friday.

The hackers infiltrated a small percentage of corporate email accounts, Microsoft said.

Midnight Blizzard first gained access through password spray attacks, attempting the same password on many accounts before repeating the process with another one.

"In recent weeks, we have seen evidence that Midnight Blizzard is using information initially exfiltrated from our corporate email systems to gain, or attempt to gain unauthorized access. This has included access to some of the company's source code repositories and internal systems," said the computer giant's blog.

Sean Lyngaas, CNN's cybersecurity reporter, wrote: "Source code is coveted by corporations — and spies trying to breach them — because it is the secret nuts and bolts of a software program that make it function."

Hackers with access to source code can use it to launch further attacks.

The company filing with the SEC said there is no evidence of access to Microsoft customer environments or AI systems.

Microsoft said it was taking measures to defend itself against "this advanced persistent threat."

The filing said no material impact on operations had been determined yet.

Microsoft's investigation is ongoing, and a company blog update said the corporation would provide additional details as appropriate.

They will continue collaborating with law enforcement and regulators.

Business Insider contacted Microsoft for comment.

Read the original article on Business Insider