Microsoft says top company execs hacked, accuses 'Russia-backed' actor
2 Min Read
The American tech giant says that the cyberattack targeted its "senior leadership" across several critical departments.
-
Microsoft logo as seen over the company's building in the United States in 2019. (AFP)
US-based tech giant Microsoft claims its corporate email system was subjected to a mass cyber attack launched by Russian-backed actors, affecting top company officials across sensitive departments.
"Microsoft has identified the threat actor as Midnight Blizzard, the Russian state-sponsored actor also known as Nobelium," the firm said in a Friday statement.
"Beginning in late November 2023, the threat actor used a password spray attack to compromise a legacy non-production test tenant account and gain a foothold, and then used the account’s permissions to access a very small percentage of Microsoft corporate email accounts, including members of our senior leadership team and employees in our cybersecurity, legal, and other functions, and exfiltrated some emails and attached documents," the statement read.
Microsoft said that the investigation indicates the cyberattacks "were initially targeting email accounts for information related to Midnight Blizzard itself."
Read more: Israeli cyberespionage firm meddled in 33 elections worldwide: Reports
Brute force attack
Password spraying is a cyberattack technique categorized as 'brute force,' wherein a hacker uses a single password to try accessing multiple user accounts. This method is used to avoid triggering automatic lockouts that can result from repeated login attempts, and it is most effective on systems with weak security that permit default passwords or shared login credentials for multiple users.
The company said it initiated a process to "apply our current security standards to Microsoft-owned legacy systems and internal business processes, even when these changes might cause disruption to existing business processes," noting that "this is a necessary step, and only the first of several we will be taking to embrace this philosophy."
In the past months, Microsoft claimed that its systems had been hit by several cyber attacks by "nation-states," one of which it accused a "China-based threat actor" of, that took place toward the end of 2023 and targeted US officials.
Read more: UK nears greenlighting Microsoft's $69bn Activision Blizzard buyout
