Russian-backed hackers gained access to corporate email accounts of senior executives at software giant Microsoft. disclosed It said in a regulatory filing on Friday.
The cyberattack, which began in November, is believed to have been carried out by the Russian state-backed cybercriminal organization Midnight Blizzard. Microsoft said in its filing that the hackers accessed a “small portion” of the company’s email accounts, including those of senior executives and employees in cybersecurity, legal and other departments. It is said to be included. Microsoft said it first discovered the breach on January 12 and began responding to its systems.
Microsoft’s investigation revealed that the hackers appeared to be targeting email accounts for information related to Midnight Blizzard itself, and were able to successfully steal some emails and attachments.
The hacker, also known as Nobelium, first became active in 2008. The hacker is suspected of being part of Russia’s foreign intelligence service. caught up in Several high-profile hacks have been attempted and succeeded, including the Pentagon in 2015, the Democratic National Committee and a US think tank during the 2016 election, according to Scottish cybersecurity firm Quorum Cyber. . The group said Midnight Blizzard is interested in sensitive geopolitical data that could benefit the Russian state and operates for espionage purposes.
Microsoft said its investigation found no evidence that Midnight Blizzard accessed customer accounts, production systems, source code, or artificial intelligence systems. The company added that this attack was not due to any vulnerabilities in Microsoft products or services.
Microsoft said the incident “highlights the urgent need to move even faster” in applying current security standards to Microsoft-owned legacy systems and internal business processes. While this could cause “some disruption” to the company’s business processes, Microsoft said it is a “necessary step” and the first of several steps to ensure stronger cybersecurity. Said to be a step.
“Given the reality of threat actors being resourced and funded by nation states, we are changing the balance we must strike between security and business risk. Traditional types of calculations are no longer sufficient,” Microsoft said. stated in the submitted documents.
Friday’s disclosure follows new Securities and Exchange Commission rules that require companies to disclose cybersecurity incidents such as cyberattacks, hacks and ransomware requests. This disclosure is intended to provide transparency regarding cybersecurity risks, which are becoming increasingly common.
Last year, multiple U.S. companies suffered data breaches, including MGM Resorts and Clorox, with both companies suffering millions of dollars in financial losses as a result of the attacks. According to the U.S. Securities and Exchange Commission, 83% of organizations experienced multiple data breaches in 2022, with an average cost of $9.44 million.