Saturday, July 6, 2024

Hackers breached Microsoft to find out what Microsoft knows about them

Wouldn’t you want to know what tech giants know about you? That’s exactly what Russian government hackers want, too.

On Friday, Microsoft disclosed that the hacking group it calls Midnight Blizzard, also known as APT29 or Cozy Bear — and widely believed to be sponsored by the Russian government — hacked some corporate email accounts, including those of the company’s “senior leadership team and employees in our cybersecurity, legal, and other functions.”

Curiously, the hackers didn’t go after customer data or the traditional corporate information they may have normally gone after. They wanted to know more about themselves, or more specifically, they wanted to know what Microsoft knows about them, according to the company.

Contact Us

Do you have more information about this hack? We’d love to hear from you. From a non-work device, you can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, or via Telegram, Keybase and Wire @lorenzofb, or email lorenzo@techcrunch.com. You can also contact TechCrunch via SecureDrop.

“The investigation indicates they were initially targeting email accounts for information related to Midnight Blizzard itself,” the company wrote in a blog post and SEC disclosure.

According to Microsoft, the hackers used a “password spray attack” — essentially brute forcing — against a legacy account, then used that account’s permissions to “access a very small percentage of Microsoft corporate email accounts.”

Microsoft didn’t disclose how many email accounts were breached, nor exactly what information the hackers accessed or stole.

Company spokespeople didn’t immediately respond to a request for comment.

Microsoft took advantage of news of this hack to talk about how it is going to move forward to make itself more secure.

“For Microsoft, this incident has highlighted the urgent need to move even faster. We will act immediately to apply our current security standards to Microsoft-owned legacy systems and internal business processes, even when these changes might cause disruption to existing business processes,” the company wrote. “This will likely cause some level of disruption while we adapt to this new reality, but this is a necessary step, and only the first of several we will be taking to embrace this philosophy.”

APT29, or Cozy Bear, is widely believed to be a Russian hacking group responsible for a series of high-profile attacks, such as those against SolarWinds in 2019, the Democratic National Committee in 2015, and many more.
