😎 Summer Sale Exclusive - Up to 50% off AI-powered stock picks by InvestingProCLAIM SALE

Microsoft says Russian state-sponsored hackers spied on its executives

Published 01/19/2024, 05:36 PM
Updated 01/19/2024, 06:46 PM
© Reuters. A view shows a Microsoft logo at Microsoft offices in Issy-les-Moulineaux near Paris, France, January 25, 2023. REUTERS/Gonzalo Fuentes/File Photo
MSFT
-

By Zeba Siddiqui and Christopher Bing

(Reuters) -Microsoft said on Friday that a Russian state-sponsored group hacked into its corporate systems on Jan. 12 and stole some emails and documents from staff accounts.

The Russian group was able to access "a very small percentage" of Microsoft (NASDAQ:MSFT) corporate email accounts, including members of its senior leadership team and employees in its cybersecurity, legal, and other functions, the company said.

Microsoft's threat research team routinely investigates nation-state hackers such as Russia's "Midnight Blizzard," who they say is responsible.

The company said its probe into the breach indicated the hackers were initially targeting Microsoft to learn what the technology giant knew about their operations.

The company said the hackers used a "password spray attack" starting in Nov. 2023 to breach a Microsoft platform. Hackers use this technique to infiltrate a company's systems by using the same compromised password against multiple related accounts.

The Russian Embassy in Washington and Ministry of Foreign Affairs did not immediately respond to a request for comment.

Microsoft said it investigated the incident and disrupted the malicious activity, blocking the group's access to its systems.

"This attack does highlight the continued risk posed to all organizations from well-resourced nation-state threat actors like Midnight Blizzard," the company said, noting that the attack was not the result of a specific vulnerability in it products or services.

"To date, there is no evidence that the threat actor had any access to customer environments, production systems, source code, or AI systems," a company blog reads.

Microsoft's disclosure follows a new regulatory requirement implemented by the U.S. Securities and Exchange Commission (SEC) in December that mandates publicly-owned companies to promptly disclose cyber incidents. Affected companies must file a report about a hack's impact within four business days of discovery - disclosing the time, scope and nature of the breach to the government.

© Reuters. A view shows a Microsoft logo at Microsoft offices in Issy-les-Moulineaux near Paris, France, January 25, 2023. REUTERS/Gonzalo Fuentes/File Photo

Midnight Blizzard is also known as APT29, Nobelium or Cozy Bear by cybersecurity researchers and linked to Russia's SVR spy agency, according to U.S. officials. The group is best known for its intrusions of the Democratic National Committee surrounding the 2016 U.S. election.

Microsoft products are widely used across the U.S. government. The company faced criticism last year for its security practices after Chinese hackers stole emails belonging to senior U.S. State Department officials.

Latest comments

Risk Disclosure: Trading in financial instruments and/or cryptocurrencies involves high risks including the risk of losing some, or all, of your investment amount, and may not be suitable for all investors. Prices of cryptocurrencies are extremely volatile and may be affected by external factors such as financial, regulatory or political events. Trading on margin increases the financial risks.
Before deciding to trade in financial instrument or cryptocurrencies you should be fully informed of the risks and costs associated with trading the financial markets, carefully consider your investment objectives, level of experience, and risk appetite, and seek professional advice where needed.
Fusion Media would like to remind you that the data contained in this website is not necessarily real-time nor accurate. The data and prices on the website are not necessarily provided by any market or exchange, but may be provided by market makers, and so prices may not be accurate and may differ from the actual price at any given market, meaning prices are indicative and not appropriate for trading purposes. Fusion Media and any provider of the data contained in this website will not accept liability for any loss or damage as a result of your trading, or your reliance on the information contained within this website.
It is prohibited to use, store, reproduce, display, modify, transmit or distribute the data contained in this website without the explicit prior written permission of Fusion Media and/or the data provider. All intellectual property rights are reserved by the providers and/or the exchange providing the data contained in this website.
Fusion Media may be compensated by the advertisers that appear on the website, based on your interaction with the advertisements or advertisers.
© 2007-2024 - Fusion Media Limited. All Rights Reserved.