Russian hackers have reportedly spied on Microsoft executives, according to the company.

A recent cybersecurity incident has revealed that on January 12, Microsoft fell victim to a cyberattack orchestrated by a state-sponsored Russian group. Infiltrating the company’s corporate systems, the hackers managed to pilfer a selection of emails and documents from staff accounts. Microsoft disclosed that the breach impacted a relatively small proportion of its corporate email accounts, including those belonging to senior leaders and employees in cybersecurity, legal, and other departments. The technology giant’s threat research team, responsible for investigating nation-state hackers, identified the group as “Midnight Blizzard,” which Microsoft believes to be affiliated with the Russian government.

Microsoft’s investigation into the breach revealed that the initial objective of the hackers was to gain insight into the company’s knowledge of their operations. However, the scope of the attack did not extend to customer environments, production systems, source code, or AI systems, according to Microsoft’s official blog.

In response to the incident, Microsoft promptly disrupted the malicious activity and blocked the group’s access to its systems. Nevertheless, the Russian Embassy in Washington and the Ministry of Foreign Affairs have yet to provide any comment regarding the cyberattack.

The Russian group responsible for this breach, also known as APT29, Nobelium, or Cozy Bear, has previously been linked to Russia’s SVR spy agency by U.S. officials. This group gained notoriety for its intrusion into the Democratic National Committee during the 2016 U.S. election.

It is worth noting that Microsoft products are widely utilized across various U.S. government entities. Last year, the company faced criticism due to its security practices after Chinese hackers successfully stole emails belonging to senior officials from the U.S. State Department.

As cybersecurity threats continue to evolve, incidents like these serve as a stark reminder of the significance of robust security measures and constant vigilance in protecting sensitive information and systems from malicious actors.

On January 12, Microsoft disclosed that a Russian state-sponsored group hacked into its systems, gaining access to a small number of corporate email accounts. The targeted accounts included those of senior leadership and employees in cybersecurity and legal functions. Microsoft’s investigation suggests that the hackers’ initial aim was to determine what the company knew about their operations. The breach was disrupted, and there is no evidence of access to customer environments, production systems, source code, or AI systems. The group responsible, known as Midnight Blizzard or APT29, has been linked to Russia’s SVR spy agency and is infamous for its 2016 intrusions into the Democratic National Committee. Microsoft products are widely used in the U.S. government, raising concerns about cybersecurity practices.

Disclaimer: Only the headline and content of this report may have been reworked by Newsearay, staff; the rest of the content is auto-generated from a syndicated feed. The Article was originally published on Source link

Leave a Reply

Your email address will not be published. Required fields are marked *