a group of hacker concerned that Russian spy service Accessed the emails of senior managers of MicrosoftAs revealed by the company through an official document this Friday.
Microsoft identifies cyber criminalsmidnight blizzard“, whose governments usa And United Kingdom has been linked with foreign intelligence service From Russia.
“This actor is primarily known for targeting governments, diplomatic institutions, NGO And IT service provider (Information Technology) primarily in the United States and Europe,” Microsoft explained on its blog in August last year, when it reported the previous attack.
“It focuses on intelligence gathering through a long term spying And relentless on foreign interests,” he said.
According to Microsoft, “Midnight Blizzard”Nobelium”, has been operating since the beginning of 2018.
the last attack was detected 12 january by the Microsoft security team, which activated protections that prevented access hackerAccording to the company.
The incident began in November last year, when hacker They managed to enter a password that allowed them to enter something corporate email accounts Including senior Microsoft managers and members of the security team.
The company assured that there is no evidence that the attackers accessed customer accounts, production systems, source code or Microsoft artificial intelligence software.
“Given the reality that threat actors have resources and financing from national states, we are adjusting the balance that we need Security and business risks,” the company said.
They concluded, “We will take immediate action to apply our current security standards to legacy Microsoft-owned systems and internal business processes, even if those changes involve disruption to existing business processes.”
The US government believes Nobelium As part of the Russian intelligence service, and is credited with numerous efforts Infiltration into American agencies and even Department of DefenseAlso hacking Democratic National Committee In 2016.
The same hacker group was responsible for this too massive Attack for network management software orion Which was discovered in late 2020.
By then, cybercriminals introduced a hidden hack into SolarWinds’ code that made it easier for them to infiltrate nine federal agencies and 100 other customers.
Microsoft services are serious security flaws Because of the low authentication requirements, test accounts, and ease of creating new accounts, it has been repeatedly condemned by government officials and security experts.
last September, hackers Supported by Iran regime carried out a series of cyber attacks directed towards Pharmaceutical, defense and satellite companies In usa And in different parts of the world, as reported Microsoft This is a statement.
These hackers managed to successfully infiltrate thousands of organizations that have been the targets of their attacks. He used a hacking technique very effectiveThe company elaborated, highlighting the determination of Tehran-based hacker groups to access valuable intelligence information.
The sanctions regime imposed by the United States has attempted to restrict Iran’s access to military equipment and in some cases has prevented Western companies from supplying medical products to Iran, according to a UN panel report.
Although it is difficult to determine the exact motivations behind cyberattacks on pharmaceutical, defense, and satellite companies, Sanctions have increased the incentive for Iran to seek trade secrets belonging to foreign companies.as explained Sherrod DeGrippoDirector of threat intelligence strategy at Microsoft.
(With information from AFP and EFE)