Microsoft has admitted that a January cyberattack allowed hackers to eventually gain access to the company's «source code repositories and internal systems.» Microsoft says the attack was carried out by hacking group Midnight Blizzard, which is supported by the Russian government.
The cyberattack was first detected on January 12 and prompted an immediate response from Microsoft's security team. Initially, the hackers gained access to a small percentage of corporate Microsoft email accounts where they extracted various documents that contained information about Midnight Blizzard itself. Microsoft said back in January that there was no reason to believe that the hackers had gained access to more valuable information like the company's source code, similar to a previous Russian cyberattack in 2021. However, that seems to have changed.
In a new update, Microsoft explained that Midnight Blizzard, A.K.A. NOBELIUM, used previously extracted information to gain access to its source code and internal systems. The company emphasized that customer-facing systems were not compromised, although the hackers did gain access to a small number of «secrets» that were shared between customers and Microsoft in various emails. Any affected customers should receive an email that helps mitigate any risks regarding the stolen information. Microsoft also explained that the group's attack, which is still ongoing, is the result of a «sustained, significant commitment of the threat actor's resources, coordination, and focus.» Microsoft believes that the attack's overarching purpose may be to better understand the tech giant's vulnerabilities, suggesting that a future cyberattack would aim to take advantage of them.
Microsoft further explained that it continues to increase its security investments and enhance its ability to defend against an «advanced persistent threat.» The hacking group apparently uses methods like password sprays that have increased by as much as 10-fold over the last month.
Read more on gamerant.com