At the end of January, Microsoft revealed that Russian hackers had managed to penetrate its messaging system. Today, the company is still trying to evict them.
The American giant Microsoft is, let’s say, somewhat confused. Russian hackers managed to access the accounts of several senior executives of the company at the end of November. The incident was only reported on January 12, 2024 by the firm at the window, which does not reassure by saying it is still fighting, three and a half months later, against this persistent attack by hackers supported by Moscow.
Microsoft in the fight against Russian hackers supported by Moscow
Microsoft has been waging a battle against Russian hackers from the SVR, the Foreign Intelligence Service of the country of the tsars, since the hacking of the email accounts of company executives last November. The hackers used the data collected during the intrusion to compromise internal code repositories and systems.
The company did not specify what code may have been accessed by the attackers or even the capabilities acquired by them to understand customer systems. But what we do know is that the hackers, affiliated with the Cozy Bear group (also known as Midnight Blizzard) famous for the SolarWinds attack, had initially exploited an obsolete test account, which had allowed them to opened access to the legal and cybersecurity sections of the company.
Proof of the seriousness of the attackers and the scale of the attack, Hewlett Packard Enterprise revealed a little later, on January 24, that it had also been the victim of a hack by the same Russian group.
The company cannot put hackers out of harm’s way
Microsoft indicated on Friday March 9 that hackers stole certain secrets contained in exchanges between the company and customers whose sector and identity have not been revealed. Among the data and information collected, Microsoft mentioned passwords, certificates and authentication keys. The company obviously contacted the injured people and customers to support them.
In the world of cybersecurity, some voices are being raised to highlight the potential dangers in terms of national security and/or to denounce the risks born from dependence on the famous “software monoculture” of Microsoft, which can expose customers of the company to supply chain attacks.
For the moment, Microsoft has not quantified the long-term financial impact of this incident, and it is certain that there will be one. As for the attack itself, the company is currently unable to claim to have completely removed hackers from its systems.
Sources: Clubic, ABC News
7