Wouldn’t you need to know what tech giants learn about you? That’s precisely what Russian authorities hackers need, too.
On Friday, Microsoft disclosed that the hacking group it calls Midnight Blizzard, often known as APT29 or Cozy Bear — and broadly believed to be sponsored by the Russian authorities — hacked some company electronic mail accounts, together with these of the corporate’s “senior management group and workers in our cybersecurity, authorized, and different features.”
Curiously, the hackers didn’t go after buyer knowledge or the normal company info they might have usually gone after. They wished to know extra about themselves, or extra particularly, they wished to know what Microsoft is aware of about them, in line with the corporate.
Contact Us
Do you have got extra details about this hack? We’d love to listen to from you. From a non-work machine, you may contact Lorenzo Franceschi-Bicchierai securely on Sign at +1 917 257 1382, or by way of Telegram, Keybase and Wire @lorenzofb, or electronic mail lorenzo@techcrunch.com. You can also contact TechCrunch by way of SecureDrop.
“The investigation signifies they had been initially focusing on electronic mail accounts for info associated to Midnight Blizzard itself,” the corporate wrote in a weblog publish and SEC disclosure.
In line with Microsoft, the hackers used a “password spray assault” — primarily brute forcing — in opposition to a legacy account, then used that account’s permissions “to entry a really small share of Microsoft company electronic mail accounts.”
Microsoft didn’t disclose what number of electronic mail accounts had been breached, nor precisely what info the hackers accessed or stole.
Firm spokespeople didn’t instantly reply to a request for remark.
Microsoft took benefit of reports of this hack to speak about how they’re going to transfer ahead to make itself safer.
“For Microsoft, this incident has highlighted the pressing want to maneuver even sooner. We’ll act instantly to use our present safety requirements to Microsoft-owned legacy programs and inner enterprise processes, even when these modifications would possibly trigger disruption to current enterprise processes,” the corporate wrote. “This can probably trigger some stage of disruption whereas we adapt to this new actuality, however this can be a crucial step, and solely the primary of a number of we might be taking to embrace this philosophy.”
APT29, or Cozy Bear, is broadly believed to be a Russian hacking group working liable for a collection of high-profile assaults, resembling these in opposition to SolarWinds in 2019, the Democratic Nationwide Committee in 2015, and plenty of extra.
