Cyber intrusion by a russian group: Microsoft in the crosshairs

Microsoft recently announced that it was the victim of a cyberattack orchestrated by Midnight Blizzard, a cybercriminal entity with ties to Russia. According to what was reported by the company, through press releases taken from international sources such as the Guardian and Reuters, the group of hackers managed to penetrate the repositories containing source codes and various internal digital infrastructures following an incursion identified at the beginning of the year.

Details about the access gained by the cyber attackers

From its investigation, Microsoft revealed how Midnight Blizzard used information previously extracted from corporate email systems to attempt or make unauthorized access, including raids on the company's source code vaults. No evidence of compromise of customer services was found. The company stressed that the intrusion attempt exploits various types of "secrets" discovered, with the risk of future breaches for both Microsoft and its customers.

Countermeasures and communication to customers

Microsoft also said that some of the sensitive information that emerged from the investigation included data shared between the company and its customers via email. In the process of investigating the compromised electronic communications, Microsoft is taking mitigation measures and actively informing affected customers to prevent further negative implications from the attack.

Context and history of the Midnight Blizzard attacks

Active since 2008 and affiliated with Russian intelligence services, Midnight Blizzard is known for its significant cyber criminal activities, including intrusions into the systems of the Democratic National Committee in 2015 and the SolarWind network in 2020, the latter an attack that allowed them to access sensitive information from various US government departments. Microsoft has categorized this latest operation as one of the most complex cyberattacks in recent history.