In January, Microsoft disclosed that Russian hackers had breached the company’s systems and managed to read emails belonging to senior executives. Now, the company has revealed that the breach was worse than initially understood and that the Russian hackers accessed Microsoft source code.

Friday’s revelation — made in a blog post and a filing with the Securities and Exchange Commission — is the latest in a string of breaches affecting the company that have raised major questions in Washington about Microsoft’s security posture. The company’s filing with the SEC describes the incident as ongoing, stating that “the threat actor used and continues to use information it obtained to gain, or attempt to gain, unauthorized access to some of the Company’s source code repositories and internal systems.”

Microsoft has linked the attack to the hacking group it tracks as Midnight Blizzard, which is more popularly known as Cozy Bear. The group is believed to be a unit of Russia’s foreign intelligence service SVR and one of the Kremlin’s most capable hacking units.

The incident began in November, when the hackers in question gained access to what Microsoft has described as a “legacy non-production test tenant account” using a password spray attack — a basic way of compromising a computing system that simple security hygiene would typically prevent.

The attackers then used that access to pivot into other company systems, including emails belonging to senior executives. Security experts say that how the attackers managed to move from a test system into parts of Microsoft’s corporate systems that should be highly protected — including source code and executives’ emails — represents a concerning and puzzling development.

According to Microsoft’s most recent statement on the breach, the company appears to be engaged in an ongoing battle to either kick the hackers out of its systems or prevent them from breaching the company again. “Midnight Blizzard’s ongoing attack is characterized by a sustained, significant commitment of the threat actor’s resources, coordination, and focus. It may be using the information it has obtained to accumulate a picture of areas to attack and enhance its ability to do so,” according to the firm’s blog post.

It remains unclear what source code the attackers have accessed, but Microsoft says it does not believe “customer-facing systems have been compromised.”

The company is concerned, however, that “Midnight Blizzard is attempting to use secrets of different types it has found,” including in emails between customers and Microsoft. “As we discover them in our exfiltrated email, we have been and are reaching out to these customers to assist them in taking mitigating measures,” the company said in its blog post.

The company describes the incident as an example of “what has become more broadly an unprecedented global threat landscape, especially in terms of sophisticated nation-state attacks.” In response, the company has said it is increasing the resources and attention devoted to securing its systems.

The post Russian hackers accessed Microsoft source code appeared first on CyberScoop.
