Microsoft revealed on Friday that it fell victim to a cyberattack orchestrated by the hacking group known as Midnight Blizzard, believed to be sponsored by the Russian government. The hackers, widely recognized as Cozy Bear or APT29, infiltrated corporate email accounts, specifically targeting Microsoft’s “senior leadership team and employees in our cybersecurity, legal, and other functions.”
What makes this breach particularly intriguing is the hackers’ unusual objective—they were not after customer data or typical corporate information. Instead, they sought insight into what Microsoft knows about them. The motive appeared to be a desire for self-awareness, as Microsoft stated, “They wanted to know more about themselves, or more specifically, they wanted to know what Microsoft knows about them.”
The company’s investigation indicates that the hackers employed a “password spray attack,” essentially utilizing brute force against a legacy account. Subsequently, they leveraged this compromised account’s permissions to gain access to a limited number of Microsoft corporate email accounts. Microsoft did not disclose the exact number of breached email accounts or the specific information accessed or stolen by the hackers.
This incident prompted Microsoft to underscore its commitment to fortifying its security measures. The company acknowledged the urgency to accelerate its security protocols and announced immediate actions to apply current security standards to legacy systems and internal processes, even if these changes disrupt existing business operations. Microsoft emphasized that while these adaptations may cause some level of disruption, they are necessary steps to enhance cybersecurity.
Image credit: Unsplash
