Microsoft claims Russia-backed group attacked its corporate system

IT Major Microsoft on Friday (January 19, 2024) stated its corporate system was attacked by a Russian state-sponsored group.

In a weblog submit, the corporate stated: “The Microsoft safety crew detected a nation-state assault on our corporate methods on January 12, 2024, and instantly activated our response course of to analyze, disrupt malicious exercise, mitigate the assault, and deny the menace actor additional entry.”

Microsoft has recognized the menace actor as Midnight Blizzard, the Russian state-sponsored actor often known as Nobelium.

“As a part of our ongoing dedication to accountable transparency as just lately affirmed in our Secure Future Initiative (SFI), we’re sharing this replace,” the weblog stated.

Microsoft stated in November final 12 months the group used a password spray assault to compromise a legacy non-production take a look at tenant account and achieve a foothold, after which used the account’s permissions to entry a really small proportion of Microsoft corporate e mail accounts, together with members of our senior management crew and workers in our cybersecurity, authorized, and different features, and exfiltrated some emails and connected paperwork.

“The investigation signifies they had been initially concentrating on e mail accounts for data associated to Midnight Blizzard itself. We are within the means of notifying workers whose e mail was accessed,” the corporate stated in its weblog.

“The assault was not the results of a vulnerability in Microsoft services or products. To date, there is no such thing as a proof that the menace actor had any entry to buyer environments, manufacturing methods, supply code, or AI methods. We will notify prospects if any motion is required,” the weblog submit stated.

The firm stated the assault highlights the continued danger posed to all organisations from well-resourced nation-state menace actors like Midnight Blizzard.