Microsoft said that a hacking group linked to Russia attacked the company's systems, infiltrating a limited number of email accounts, including the accounts of senior management and employees working in cybersecurity and legal affairs.
The company said it immediately repaired the outdated systems, which will likely cause some disruption.
The software giant said yesterday that it does not appear that the hacker group has been able to access customer systems or Microsoft servers that run external products. Microsoft also has no evidence that the group, called Midnight Blizzard, had access to the source code or AI systems.
The company added: “We will immediately take action to ensure that our current security standards apply to Microsoft’s legacy systems and internal business processes, even if these changes cause disruption to existing business operations. This will likely cause some level of disruption.”
The group Microsoft holds responsible, also known as Nobelium, are hackers with sophisticated capabilities acting as a proxy on behalf of a government entity, and whose activities the US government has linked to Russia.
The same group previously hacked into the systems of SolarWinds Corp, a US federal contracting company, as part of a massive electronic espionage effort against US federal agencies.
Microsoft said that starting in November, hackers used a “password broadcast” attack to infiltrate its systems. This technique, sometimes known as a “brute force attack,” typically involves hackers quickly trying multiple passwords on specific usernames in order to attempt to break into the accounts of targeted companies.
In this case, in addition to the hacked accounts, the hackers also took over emails and attached documents.
Microsoft said it discovered the hack on January 12, adding that the company was still notifying employees whose emails were compromised.
Meantime, government officials are coordinating closely with Microsoft to determine the circumstances of the incident in detail and understand the impacts so that we can help protect other potential victims.
Microsoft provides an artificial intelligence assistant for cybersecurity
Follow the latest news on Google News
