About past, present and future of Ukraine

Search mobile

Main War Russian hackers increased the number of attacks on Microsoft services in February

War

Russian hackers increased the number of attacks on Microsoft services in February

399
Russian hackers increased the number of attacks on Microsoft services in February

Share this article

Russian hackers repeatedly attempted attacks on Microsoft services throughout February.

This was reported on the company's page.

"As we shared, on January 19, the security team detected this attack on our corporate email systems and immediately activated our response process," the statement said.

The Microsoft Threat Intelligence investigation identified the threat actor as Midnight Blizzard, the Russian state-sponsored actor also known as NOBELIUM. Microsoft stated that the investigation is ongoing, and if necessary, the company will provide additional details.

"In recent weeks, we have seen evidence that Midnight Blizzard is using information initially exfiltrated from our corporate email systems to gain, or attempt to gain, unauthorized access. This has included access to some of the company’s source code repositories and internal systems. To date we have found no evidence that Microsoft-hosted customer-facing systems have been compromised," the statement said.

It is apparent that Midnight Blizzard is attempting to use secrets of different types it has found. Some of these secrets were shared between customers and Microsoft in email, and as Microsoft Threat Intelligence discover them in the exfiltrated email, the Team have been and are reaching out to these customers to assist them in taking mitigating measures. Midnight Blizzard has increased the volume of some aspects of the attack, such as password sprays, by as much as 10-fold in February, compared to the already large volume we saw in January 2024. 

Midnight Blizzard’s ongoing attack is characterized by a sustained, significant commitment of the threat actor’s resources, coordination, and focus. It may be using the information it has obtained to accumulate a picture of areas to attack and enhance its ability to do so. This reflects what has become more broadly an unprecedented global threat landscape, especially in terms of sophisticated nation-state attacks.  

"Our active investigations of Midnight Blizzard activities are ongoing, and findings of our investigations will continue to evolve. We remain committed to sharing what we learn," the statement said.

The Odessa Journal
more articles

Top article

The Ministry of Defense has signed a contract for the construction of a service center for repairing drones in Ukraine
War

The Ministry of Defense has signed a contract ...

Dmytro Kuleba: Ukraine and Croatia have agreed to use Croatian ports for exporting Ukrainian grain
Business

Dmytro Kuleba: Ukraine and Croatia have agree ...

New sanctions: Defence industry, political parties and individuals linked to oligarchs
Business

New sanctions: Defence industry, political pa ...

Volodymyr Zelensky: We are preparing for the next Ramstein meeting, we expect solidly grounded decisions to meet the prospects on the battlefield
War

Volodymyr Zelensky: We are preparing for the ...