Rephrase the title:Microsoft says Russian hackers attacked it to find information about themselves

Rephrase and rearrange the whole content into a news article. I want you to respond only in language English. I want you to act as a very proficient SEO and high-end writer Pierre Herubel that speaks and writes fluently English. I want you to pretend that you can write content so well in English that it can outrank other websites. Make sure there is zero plagiarism.:

  • Microsoft said on Friday that its security systems were breached a Russian hacking group.
  • Microsoft identified the group as Midnight Blizzard, which was behind the SolarWinds cyberattack.

Microsoft said Friday that its systems were breached Russian hackers who accessed a “very small percentage” of corporate email accounts.

The breached accounts belong to members of the company’s senior leadership team, employees in its cybersecurity and legal departments, and those working on “other functions.”

The attack was launched Midnight Blizzard — the seasoned Russian hacking group behind the massive 2020 attack on US information technology firm SolarWinds, which exposed sensitive information in the US federal government.

Transform talent with learning that works

Capability development is critical for businesses who want to push the envelope of innovation.Discover how business leaders are strategizing around building talent capabilities and empowering employee transformation.Know More

According to Microsoft, Midnight Blizzard first accessed the company’s systems in late November through a “password spray” attack, a tactic where a malicious actor uses the same password on multiple accounts. But it was only last week that Microsoft first detected a threat to its systems, the company said.

Based on Microsoft’s initial investigation, it appears that Midnight Blizzard targeted corporate email accounts to find information about itself and managed to withdraw “some emails and attached documents.”

Microsoft said “the attack was not the result of a vulnerability in Microsoft products or services” and added that “there is no evidence that the threat actor had any access to customer environments, production systems, source code, or AI systems.”

The company, however, had a similar response back in 2021 after its systems were impacted the SolarWinds attack. At the time, Microsoft said its software and tools hadn’t been used “in any way for this attack.” A spokesperson for the company also told BI at the time that it had “not identified any software vulnerability in Microsoft products or cloud services that led to compromise.” But federal investigators said they found evidence the hackers accessed Microsoft Office 365.

Midnight Blizzard isn’t the only group that’s breached Microsoft’s systems in recent years. In 2021, an “unusually aggressive Chinese cyber espionage unit” exploited a flaw in Microsoft’s Exchange server email software and accessed 30,000 organizations, including companies, small businesses, and local governments. This past July, Microsoft also announced an attack from an “adversary based in China” that gained access to email accounts at US government agencies.

In November, Microsoft launched the Secure Future Initiative, a move to bolster its cybersecurity protection.

The company said the recent incident has “highlighted the urgent need to move even faster.” It’s planning to “act immediately to apply our current security standards to Microsoft-owned legacy systems and internal business processes, even when these changes might cause disruption to existing business processes.”

Related Post