Microsoft warns Russian hackers still trying to break into its systems

Microsoft warns Russian hackers still trying to break into its systems is profiled by BTW Media because published evidence links it to internet infrastructure, governance, operational dependencies, or market visibility.

• Microsoft warned Friday that the Russian government hackers were trying to leverage what they stole to try to break into customers’ computer systems.
• Analysts have shown worries about national security risks. Microsoft has said a Russian state-sponsored group called Midnight Blizzard is behind the intrusions.

OUR TAKE
Microsoft disclosed the breach saying hackers attempted to break into Microsoft, including those of senior company leaders as well as those of cybersecurity, legal and other functions.
Microsoft provides appropriate serves many national organizations in the US, and this has serious implications for US local security. Repeated intrusions by Russian hackers have also made the United States take the issue seriously.
-Jennifer YU, BTW reporter

Microsoft said on Friday that hackers linked to Russia’s foreign intelligence were trying again to break into its systems, using data stolen from corporate emails in January.

Persistent attacks

Jerome Segura, principal threat researcher at the cybersecurity firm Malwarebytes’ Threatdown Labs said, “Given Microsoft’s vast customer network, it is not surprising it is being targeted What’s troubling,” he added, it was unnerving that the attack was still underway despite Microsoft’s efforts to thwart access.

Microsoft said the data stolen by the hackers included access to source code repositories and internal systems. “This is the kind of thing that we’re really worried about,” Segura said.

Also Read: ChatGPT gets its own key as Microsoft brings AI to Windows 11

Also Read: Top tech stories today: January 22, 2024

Midnight Blizzard

Microsoft attributed the ongoing attacks to an SVR group that it calls Midnight Blizzard and that other security companies refer to as APT29 or Cozy Bear.

Earlier, Microsoft said hackers broke into employees’ emails using dormant accounts through a “password spamming” attack, where the same password is used on multiple accounts until they break into one. Such attacks increased as much as tenfold in Midnight Blizzard’s latest attempts, compared to the January breach, Microsoft said in its blog.

As mentioned by Adam Meyers, a senior vice president at the cybersecurity firm Crowdstrike, “This seems like it’s something very targeted, and if (the hackers) are that deep inside Microsoft, and Microsoft hasn’t been able to get them out in two months, then there’s a huge concern.”

Midnight Blizzard targets governments, diplomatic entities, and non-governmental organizations, according to several analysts who track the group. Microsoft states that Midnight Blizzard was probably targeting it because they have conducted extensive research that has uncovered how the hacking group operates. They are trying to discover more secrets.