HomeWinBuzzer News"Midnight Blizzard" Targets Microsoft Executives in Russian-Backed Email Hack

“Midnight Blizzard” Targets Microsoft Executives in Russian-Backed Email Hack

In a cybersecurity incident raising concerns about corporate espionage, Microsoft disclosed a breach of its email system by a Russia-linked hacking group

-

has disclosed a breach of its corporate email system by a -sponsored group known as “Midnight Blizzard.” The technology giant confirmed that an intrusion occurred, resulting in unauthorized access to company emails and potentially confidential attachments.

Investigation Underway

Upon discovering the breach on January 12, 2024, Microsoft's team promptly launched an investigation to assess the damage and scope of the intrusion. The investigation revealed that the spear- began in late November 2023 and was particularly aimed at gathering intelligence about Midnight Blizzard itself.

Employees whose email accounts were compromised are currently being notified. Critical among those affected are members of Microsoft's senior leadership, along with employees in vital departments such as cybersecurity and legal. While the exfiltration of data pertained to internal communications, Microsoft has expressed confidence that customer accounts have remained unaffected by this incident.

Response and Mitigation Measures

Microsoft has committed to immediate action to secure its systems, applying stringent security standards to even the legacy and non-production systems that were exploited in this breach. The password spray attack, a method where attackers use common in hopes of gaining network access, allowed the to infiltrate old nonproduction test accounts, which then provided them access to a fractional segment of Microsoft's email accounts.

Further steps include a thorough review of internal protocols and the strengthening of defenses across the company's digital infrastructure. Microsoft continues collaborating with law enforcement and regulatory bodies as their investigation progresses. The company's Secure Future Initiative, which emphasizes transparency, underpins the decision to publicly disclose information regarding the security lapse.

The group identified as Midnight Blizzard, previously referred to by Microsoft as “Nobelium,” is notorious for its espionage activities, including the significant infiltration of U.S. government agencies in 2021, leveraging various methods to compromise Exchange Online emails. The adoption of the meteorological naming convention is a shift by Microsoft in its approach to classify cyber attack groups.

SourceMicrosoft
Luke Jones
Luke Jones
Luke has been writing about all things tech for more than five years. He is following Microsoft closely to bring you the latest news about Windows, Office, Azure, Skype, HoloLens and all the rest of their products.

Recent News