Microsoft discloses source code theft by Russian hackers
Microsoft has disclosed that it fell victim to a cyberattack earlier this year orchestrated by Russian state-sponsored hackers. The assault targeted the email accounts of select members of its senior leadership team.
Now, in a shocking revelation, Microsoft has confirmed that the same group responsible for the infamous SolarWinds attack has penetrated its systems once again, resulting in the theft of source code.
In a recent blog post, Microsoft described the gravity of the situation, stating, “In recent weeks, we have seen evidence that Midnight Blizzard [Nobelium] is using information initially exfiltrated from our corporate email systems to gain, or attempt to gain, unauthorised access.” This breach extended beyond mere email infiltration, granting the hackers access to certain source code repositories and internal systems. However, Microsoft said there is no evidence that customer-facing systems hosted by the company were compromised.
The extent of the compromised source code remains undisclosed. Nonetheless, Microsoft has issued a stern warning that the perpetrators, identified as the Nobelium group or “Midnight Blizzard” by Microsoft, are actively leveraging the pilfered information in ongoing attempts to breach Microsoft’s infrastructure, potentially putting its customers at risk. Microsoft is actively engaging with affected customers, notifying them and assisting in implementing necessary security measures.
The initial breach occurred when Nobelium exploited a vulnerability in Microsoft’s systems through a password spray attack, a brute-force method employing a vast array of potential passwords. Exploiting a non-production test tenant account lacking two-factor authentication, Nobelium gained entry into Microsoft’s networks.
In response to this alarming breach, Microsoft has ramped up its security measures and investments, emphasising enhanced coordination and vigilance across its enterprise. “Across Microsoft, we have increased our security investments, cross-enterprise coordination and mobilisation, and have enhanced our ability to defend ourselves and secure and harden our environment against this advanced persistent threat,” stated Microsoft.