December 24, 2024

Microsoft says Russian hacking group is still trying to break into its systems

Microsoft Russian group Nobelium, which the company calls Midnight Blizzard, has been trying to gain access to its internal systems and source code repository, it said on Friday.

“In recent weeks, we have seen evidence that Midnight Blizzard is using information originally leaked from our company email systems to gain or attempt to gain unauthorized access. This includes access to some of the company’s source code repositories and internal systems ,” Microsoft said in a statement Blog article.

“To date, we have found no evidence that customer-facing systems hosted by Microsoft have been compromised.”

Microsoft said Midnight Blizzard is trying to obtain secrets, including those shared between Microsoft and its customers, but it is reaching out and helping affected customers.

“The February Midnight Blizzard increased the number of attacks on some aspects (such as password spraying) by as much as 10x compared to the scale we saw in January 2024,” the report said.

Microsoft said it has stepped up its security investments and efforts to defend against attacks and strengthened monitoring and controls.

The company first said in January that it had detected a cyber attack from Nobelium, the Russian group where hackers stole senior executives’ emails. At the time, Microsoft said there was no evidence that the hacker group had access to customer data or production systems with proprietary source code.

fmr says companies need to understand that cyber risks are business risks. CISA Director Chris Krebs

Shortly after Microsoft was hit, Hewlett Packard Enterprise said its cloud-based email system had also been compromised.

Nobelium is considered by the US government to be part of the Russian foreign intelligence agency SVR, also known as Cozy Bear or APT29, together with Midnight Blizzard.

Russia has repeatedly been accused of conducting cyber attacks against Western countries and companies during the war in Ukraine.

In December 2023, the UK’s National Cyber ​​Security Center said Russia had targeted politicians, journalists and civil servants in a multi-year “campaign of malicious cyber activity” aimed at undermining democracy.

About The Author

Leave a Reply

Your email address will not be published. Required fields are marked *