Sponsored by the Russian government The tech giant says a group of hackers who stole sensitive data from Microsoft executives are using that information to compromise its source code and internal systems.
Midnight Blizzard, the hacker group first identified by Microsoft in January, has been responsible for more unauthorized access than previously thought, the company announced Friday. The hacker, also known as Cozy Bear or his APT29, was previously caught accessing the emails of senior executives, including those in the cybersecurity and legal departments. Microsoft said its customer-facing systems do not appear to have been compromised.
Suspected Russian hackers have increased the number of password spray attack attempts tenfold. A password spray attack is a technique in which an intruder attempts to break into a high-value account by using multiple passwords for a specific username.
The group is also attempting to use secrets shared between Microsoft and its customers in emails. Microsoft is currently alerting customers to this issue and working to mitigate the issue.
“Midnight Blizzard's ongoing attacks are characterized by a sustained and significant commitment of threat actor resources, coordination, and focus,” the company said in a blog post. “It may be using the information it obtains to accumulate information about the attack area and strengthen its capabilities.”
Read: Microsoft boosts AI capabilities
Microsoft also alerted the US Securities and Exchange Commission to this matter. — Jamie Tarabay, (c) 2024 Bloomberg LP
