Hello User
Sign in
Sign Out

Get Your Credit Score For Free

Check Now
Next Story
Business News/ Companies / News/  Microsoft alerts other organisations of Russia-backed hackers' threats after email hacking incident

Microsoft alerts other organisations of Russia-backed hackers' threats after email hacking incident

Microsoft's Threat Intelligence team has identified the Russian-sponsored hacking group Midnight Blizzard or Cozy Bear as the same actor that has targeted other organisations. Microsoft has started notifying the targeted organizations.

File image of US multi-national company Microsoft Corporation logo seen at a tech event

Microsoft Corporation has issued warnings to organisations, indicating they are targets of the Russian-sponsored group, Midnight Blizzard or Cozy Bear, the same group that hacked into the company's executives' emails late last year, Bloomberg reported.

The disclosure came through a blog post by Microsoft's Threat Intelligence team, stating that the group has been targeting various organisations. Microsoft has initiated notification processes for the targeted entities.

Also Read | FTC launches inquiry into artificial intelligence deals such as Microsoft's OpenAI partnership

Midnight Blizzard an Expanding Threat

Recent developments suggest that Midnight Blizzard's activities extend beyond Microsoft. Hewlett Packard Enterprise Co. (HPE) reported a breach in its cloud-based email system on January 24, attributing it to the activities of Midnight Blizzard. This signals a broader reach for the hacking group.

In a prior disclosure, Microsoft revealed that the group compromised a "legacy non-production test tenant account" to gain access to a "small number" of email accounts, including those of senior leadership and employees in cybersecurity and legal roles.

Also Read | Microsoft lays off 1,900 Activision Blizzard, Xbox staff: Report

The initial target was information about Midnight Blizzard itself. The investigation later revealed that the compromised email account lacked multifactor authentication, a standard security measure.

Hewlett Packard Enterprise (HPE), an information technology provider, reported that it was notified on December 12 about a breach by a nation-state hacking group in its email systems. Investigators believe the hackers accessed and infiltrated data starting in May, primarily targeting a small percentage of HPE mailboxes from employees in cybersecurity and other departments.

Also Read | AI race propels Silicon Valley tech firms Microsoft, Meta, and Google to new highs. Here's why

Russian Link to Midnight Blizzard

The hackers, identified as Russia's SVR foreign intelligence agency, gained access to Microsoft by compromising credentials on a "legacy" test account, hinting at outdated code.

The United States government has linked the hacking group, also known as Nobelium, to Russia. This group gained notoriety for breaching SolarWinds Corp. in a massive cyber-espionage campaign against several federal agencies.

Also Read | Microsoft creates new Gen AI team to develop smaller and cheaper language models: Report

Microsoft highlighted that the recent breach shares a commonality with the SolarWinds hacking campaign, considered "the most sophisticated nation-state attack in history." The SVR primarily focuses on intelligence-gathering, targeting governments, diplomats, think tanks, and IT service providers in the US and Europe.

The recent activities of Midnight Blizzard further highlight the persistent threat posed by this Russian-linked hacking group.

Unlock a world of Benefits! From insightful newsletters to real-time stock tracking, breaking news and a personalized newsfeed - it's all here, just a click away! Login Now!

Catch all the Corporate news and Updates on Live Mint. Download The Mint News App to get Daily Market Updates & Live Business News.
Get the latest financial, economic and market news, instantly.