On January 12th, Microsoft acknowledged a cyberattack on its corporate systems by a Russian state-sponsored group known as “Midnight Blizzard.” The perpetrators, believed to be connected to Russia’s SVR intelligence agency, accessed a limited number of Microsoft employee email accounts, including those of high-level management and cybersecurity and legal personnel.
The investigation revealed that the hackers primarily focused on gathering information about Microsoft’s internal operations. Their attack methodology involved a “password spray” technique, attempting multiple compromised passwords across different accounts to gain entry starting in November 2023.
Upon identifying the breach, Microsoft swiftly intervened, shutting down the attackers’ access and mitigating the threat. They confirmed that the intrusion wasn’t due to any vulnerabilities in their products or services, but rather a targeted attack against their internal network.
“This attack underscores the ongoing threat posed by well-equipped nation-state actors like Midnight Blizzard to organizations worldwide,” Microsoft declared. However, they assured customers that “no evidence suggests the threat actor accessed customer environments, production systems, source code, or AI systems.”
This disclosure comes at a pivotal time, coinciding with a new SEC regulation requiring publicly-traded companies to promptly report cyberattacks within four business days of discovery. The incident also reignites past concerns regarding Microsoft’s security practices, particularly amidst widespread government deployment of their software.
While the full extent of the stolen information remains unclear, the attack serves as a stark reminder of the evolving cyber landscape and the heightened risks faced by both corporations and governments.
Vision Pro Sells Out, But is it Worth the Price? Read More