(San Francisco) Hackers with ties to Russian intelligence services hacked the emails of high-ranking Microsoft executives, a court document from the American computer giant says.
Posted at 8:03 p.m.
According to Microsoft, the perpetrator of the cyber attack is “Midnight Blizzard”. According to information from Washington and London, this group operates in conjunction with Russian foreign intelligence services.
“This actor is known to primarily target states, diplomatic entities, non-governmental organizations and IT service providers in the United States and Europe,” Microsoft said in a blog post last August about an earlier cyberattack.
“They try to gather intelligence by spying on foreign interests in the long term. »
The activities of “Midnight Blizzard,” also known as “Nobelium,” have been traced back to early 2018, according to Microsoft.
The company's security team discovered the latest attack on January 12 and triggered defenses that blocked the hackers from further access.
The attack began last November when hackers tried passwords for a number of accounts and gained access to an old test account, Microsoft's court document said.
The hackers then used this “breakpoint” to access specific accounts belonging to Microsoft employees, including managers and security team members, and recover emails and attachments.
“The investigation shows that the hackers initially attacked email accounts to obtain information related to Midnight Blizzard itself,” Microsoft said.
According to the company, there is no evidence that the hackers accessed customer accounts, production systems, source code or artificial intelligence software at Microsoft.
“Faced with the reality of well-resourced and state-sponsored malicious actors, we are seeking a new balance between security and business risk,” Microsoft said.
“We will act immediately and apply our current security standards to legacy systems and internal business processes owned by Microsoft, even though these changes risk disrupting existing business processes.”