(Bloomberg) -- Microsoft Corp. said a Russian-linked hacking group attacked its corporate systems, getting into a โsmall numberโ of email accounts, including those of senior leadership and employees who work in cybersecurity and legal.ย
The company said it's acting immediately to fix older systems, which will probably cause some disruption.
The hacking group doesn't appear to have accessed customers' systems or Microsoft servers that run outward-facing products, the software giant said Friday in a blog post. Microsoft also has no evidence the group, named Midnight Blizzard, got into source code or artificial intelligence systems.
โWe will act immediately to apply our current security standards to Microsoft-owned legacy systems and internal business processes, even when these changes might cause disruption to existing business processes,โ the company said. โThis will likely cause some level of disruption.โ
The group that Microsoft deemed responsible, also known as โNobelium,โ is a sophisticated nation-state hacking group that the US government has tied to Russia. The same group previously breached SolarWinds Corp., a US federal contractor, as part of a massive cyber-espionage effort against US federal agencies.
The company said hackers beginning in November used a โpassword sprayโ attack to infiltrate its systems. That technique, sometimes known as a โbrute force attack,โ typically involves outsiders quickly trying multiple passwords on specific user names in order to try breaching targeted corporate accounts.ย
In this case, in addition to the accessed accounts, the attackers also took emails and attached documents. Microsoft said it detected the hack on Jan. 12, adding that the company is still notifying employees whose emails were accessed.ย
Eric Goldstein, executive assistant director for cybersecurity at the US Cybersecurity and Infrastructure Security Agency, said government officials are โclosely coordinating with Microsoft to gain additional insights into this incident and understand impacts so we can help protect other potential victims.โ
Microsoft technology has frequently been the target of major hacking campaigns.ย
The US Cyber Safety Review Board, which reports to the Department of Homeland Security, is already assessing a 2023 intrusion against Microsoft Exchange Online that the company attributed to China-linked hackers. That breach enabled the hack of senior US officials' email accounts and has prompted growing concerns about cloud computing security. Microsoft said in September it identified five different errors in how its systems that have โbeen corrected.โ
In an interview with Bloomberg in 2023 following that breach, Jen Easterly, director of the agency that manages the board, suggested that Microsoft should โrecapture the ethosโ of what Microsoft co-founder Bill Gates called โtrustworthy computingโ in 2002, when he instructed employees to focus on security over adding new features.
โI absolutely positively think they have to focus on ensuring their products are both secure by default and secure by design, and we are going to continue to work with them to urge them to do that,โ Easterly said of Microsoft.
In November, Microsoft said it was overhauling how it protects its software and systems after a series of high-profile hacks. Now the company said it must pick up the pace on changes, particularly to older systems and products.ย
โFor Microsoft, this incident has highlighted the urgent need to move even faster,โ the company said Friday.
(Updates with comments from cyber agency in the eighth paragraph.)
More stories like this are available on bloomberg.com
ยฉ2024 Bloomberg L.P.
Essential Business Intelligence, Continuous LIVE TV, Sharp Market Insights, Practical Personal Finance Advice and Latest Stories โ On NDTV Profit.
