Microsoft hack discovered after 2 months!

Published January 21st, 2024 - 02:13 GMT
Highlights
Microsoft revealed it had suffered a cyber-attack on its corporate infrastructure.
The hack appears to be the work of a Russian-backed group.

ALBAWABA - Microsoft revealed on Friday, Jan. 19, that it had uncovered a cyber-attack, described as a “nation-state” attack, targeting its corporate infrastructure. The group named as responsible is Midnight Blizzard, a threat group suspected to be backed by the Russian Foreign Intelligence Service (SVR), which first appeared in 2008 in a report by Kaspersky and has been breaching governmental and corporate systems since 2014.


In a disclosure filed with the Securities and Exchange Commission (SEC), Microsoft explained that the attack started in early November 2023 via a “password spray”, a kind of brute-force attack in which a malicious party tries the same password against multiple accounts before switching to another password and attempting access again. The attack was only detected on Jan. 12, a week before it was disclosed.
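In sign-in logs, the pattern described above (one password tried across many accounts) looks different from a brute-force attack on a single account: many distinct accounts fail, each only once or twice. The detection logic below is an added example, not taken from Microsoft's disclosure or from this article; the event fields, thresholds, addresses and account names are constructed assumptions.

```python
from collections import Counter, defaultdict
from datetime import datetime, timedelta

# Constructed sample events: (timestamp, source address, account, result).
# Addresses come from documentation ranges; accounts are made up.
SPRAY = [("2024-01-01T02:%02d:00" % (i * 2), "203.0.113.10",
          f"user{i}@example.com", "FAIL") for i in range(6)]
BRUTE = [("2024-01-01T03:%02d:00" % i, "198.51.100.7",
          "admin@example.com", "FAIL") for i in range(8)]
TYPO = [("2024-01-01T09:00:00", "192.0.2.5", "alice@example.com", "FAIL"),
        ("2024-01-01T09:00:20", "192.0.2.5", "alice@example.com", "OK")]
EVENTS = SPRAY + BRUTE + TYPO


def detect_spray(events, window=timedelta(minutes=30),
                 min_accounts=5, max_per_account=2):
    """Return {source: [accounts]} for sources whose failed sign-ins hit
    many distinct accounts, with few attempts per account, inside a window."""
    failures = defaultdict(list)
    for ts, src, account, result in events:
        if result == "FAIL":
            failures[src].append((datetime.fromisoformat(ts), account))

    flagged = {}
    for src, fails in failures.items():
        fails.sort()
        start = 0
        for end in range(len(fails)):
            # Slide the window start forward until it spans <= `window`.
            while fails[end][0] - fails[start][0] > window:
                start += 1
            per_account = Counter(acct for _, acct in fails[start:end + 1])
            # Spray: wide (many accounts) and shallow (few tries each).
            # Single-account brute force is narrow and deep, so it is skipped.
            if (len(per_account) >= min_accounts
                    and max(per_account.values()) <= max_per_account):
                flagged[src] = sorted(per_account)
    return flagged


if __name__ == "__main__":
    for src, accounts in detect_spray(EVENTS).items():
        print(f"possible password spray from {src}: {len(accounts)} accounts")
```

Grouping by source address is an assumption of this sample; the same distinct-account count can be taken over all sources in the window.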


While Microsoft says no customer data was threatened, a minimal number of corporate emails were accessed, including those of senior leadership and of departments such as the cybersecurity and legal teams, and the company is currently in the process of notifying the affected parties. However, many users of Microsoft products have gone online saying they have received attempts to access their accounts or have been hacked outright.
 

According to Microsoft, its services and products were not responsible for the attack. Rather, access came through a weak link in its employees' accounts, according to experts such as Steve Bellovin, a computer science professor, who said the incident suggests the use of weak passwords or a lack of two-factor authentication.


The tech giant added that Midnight Blizzard had no access to customer environments, production infrastructure, or source code for proprietary or AI systems, and that the threat group was attempting to reach data that directly mentions it. However, the exact scale of the attack has not yet been detailed, and Microsoft refuses to add any further information at the moment.
 
