Members of the tech giant’s cybersecurity team were also affected in the breach
Microsoft has claimed its corporate system was hit by a “nation-state” cyber attack allegedly launched by Russian-backed actors, saying the hack compromised the email accounts of “senior leadership” and employees across several sectors.
The company outlined the breach in a notice published on Friday, stating that a “Russian state-sponsored actor” dubbed “Midnight Blizzard” had gained access to multiple corporate email accounts beginning last November.
“The threat actor used a password spray attack to compromise a legacy non-production test tenant account and gain a foothold, and then used the account’s permissions to access a very small percentage of Microsoft corporate email accounts, including members of our senior leadership team and employees in our cybersecurity, legal, and other functions, and exfiltrated some emails and attached documents,” the statement said.
Password spraying is a type of ‘brute force’ cyber attack in which a hacker attempts to use a single password to try and access many different user accounts. The method is used to avoid automatic lockouts that might occur with multiple login attempts, and is most effective on systems with lax security that allow default passwords or shared login credentials for several users.
Microsoft went on to say that the hackers initially targeted its systems in search of information about “Midnight Blizzard” itself, but did not say what else they might have found in executives’ email accounts.
The company noted that there was no indication the attackers gained access to customer information, production systems or source code, and emphasized that the breach was “not the result of a vulnerability in Microsoft products or services.”
The tech giant has claimed to have been affected by several other “nation-state” cyber attacks in recent months, including a breach allegedly carried out by a “China-based threat actor” last summer. That hack was said to have accessed ten US government email accounts, including that of Commerce Secretary Gina Raimondo and some 60,000 messages between State Department staffers. In a blog post published at the time, Microsoft said the hackers had “espionage objectives,” but stated its conclusions were held with only “moderate confidence.”
(RT.com)
24World Media does not take any responsibility of the information you see on this page. The content this page contains is from independent third-party content provider. If you have any concerns regarding the content, please free to write us here: contact@24worldmedia.com
4 Advantages of Owning Your Own Dump Truck
5 Characteristics of Truth and Consequences in NM
How To Make Your Wedding More Accessible
Ensure Large-Format Printing Success With These Tips
4 Reasons To Consider an Artificial Lawn
The Importance of Industrial Bearings in Manufacturing
5 Tips for Getting Your First Product Out the Door
Most Popular Metal Alloys for Industrial Applications
5 Errors To Avoid in Your Pharmaceutical Clinical Trial
Ways You Can Make Your Mining Operation Cleaner
Tips for Starting a New Part of Your Life
Easy Ways To Beautify Your Home’s Exterior