In January, Microsoft revealed that a known Russia-based hacker group, which operates under the names Nobelium and Midnight Blizzard, used a password spray attack to gain access to the email accounts of a number of the company's executives. Today, Microsoft revealed more info on the effects of this attack.
In a post on the Microsoft Security Response Center blog, the company said the hacker group used info gained from its previous attack to try to access some of its systems. It included "access to some of the company's source code repositories and internal systems." The post is not completely clear if the group was successful at gaining access to those systems. It did say there's no evidence that "Microsoft-hosted customer-facing systems have been compromised."
The blog post added that Midnight Blizzard has continued its attacks on Microsoft. It said that its use of the password spray attack that was successful in accessing its email accounts went up by 10 times the amount in February compared to January. The information the group has already received may be used to "accumulate a picture of areas to attack and enhance its ability to do so."
The group obtained some secrets from emails between Microsoft and some of its customers. Microsoft says it is working with those customers to help lessen the effects of the information in the emails.
Microsoft says its investigation of the Midnight Blizzard attacks will continue, and it will share what it learns. It added that it will also continue to increase its efforts to beef up its systems' online security.
Just this week, Microsoft posted updates for its ongoing Secure Future Initiative (SFI). Among other things, it says it has expanded the use of its Microsoft Authentication Library (MSAL) for Microsoft 365 for Windows, macOS, iOS, and Android. It also plans to eventually use the CodeQL code analysis engine on all of its commercial software products.
3 Comments - Add comment