Microsoft has condemned computer attacks from Russia against the email accounts of senior company officials
A group of Hackers related to it Russian spy service Accessed emails of senior managers MicrosoftThis was announced by the company through an official document on Friday.
Microsoft calls cybercriminals “Midnight snow”, whose governments USA And United Kingdom have connected with Foreign Intelligence Service From Russia.
“This actor is mainly known for targeting Governments, diplomatic institutions, Non-Governmental Organizations And IT service providers (information technologies) primarily in the United States and Europe,” Microsoft explained on its blog in August of last year, when it reported the previous attack.
“It focuses on gathering intelligence through a Long term surveillance And constantly on foreign interests,” he added.
Also known as “Midnight Blizzard,” according to Microsoft.Nobelium”, has been operational since early 2018.
The last attack was reported to have taken place 12th January by the Microsoft security team, which activated defenses that prevented access HackersAccording to the company.
The incident started in November last year, when Hackers They managed to enter a password that allowed them to enter some Corporate email accounts from Microsoft, including senior managers and members of the security team.
The company assured that there was no evidence that attackers accessed customer accounts, production systems, source code or Microsoft artificial intelligence software.
“Given the reality that threat actors have resources and financing from nation states, we are striking the necessary balance between them. Security and business risk,” the company said.
“We will take immediate action to apply our current security standards to legacy Microsoft-owned systems and internal business processes, even if those changes involve disruptions to existing business processes,” he concluded.
The US government takes note Nobelium As part of the Russian intelligence service, and many efforts are attributed to him Infiltration of US agencies And that too Department of DefenseAs well as hacking Democratic National Committee In 2016.
This hacker group was also responsible for it Massive attack For network management software Solar Winds Which was discovered in late 2020.
By then, cybercriminals had introduced a hidden hack into SolarWinds’ code that made it easy for them to infiltrate nine federal agencies and 100 other customers.
Microsoft services are serious Security flaws Because of the low authentication requirements, test accounts and the ease of creating new accounts, as government officials and security experts have repeatedly condemned.
In September last year, Hackers Supported by Iran regime carried out a series of cyber attacks directed at Pharmaceutical, defense and satellite companies in USA And in different parts of the world, according to the report Microsoft It is a statement.
These hackers have been able to successfully infiltrate thousands of organizations that are the targets of their attacks. They used hacking techniques Very effectiveThat highlights the determination of Tehran-based hacker groups to access valuable intelligence information, the company detailed.
The sanctions regime imposed by the United States has sought to restrict Iran’s access to military equipment and, according to a United Nations panel report, has in some cases prevented Western companies from supplying medical products to Iran.
Although the exact motivations behind cyber attacks on pharmaceutical, defense and satellite companies are difficult to determine, Sanctions have increased Iran’s incentive to seek trade secrets of foreign companiesAs explained Sherrod DeGrippoDirector of Threat Intelligence Strategy at Microsoft.
(With information from AFP and EFE)