Microsoft Corp. said a Russian-linked hacking group attacked its corporate systems, getting into a \u201csmall number\u201d of email accounts, including those of senior leadership and employees who work in cybersecurity and legal.<\/p>\n
The company said it\u2019s acting immediately to fix older systems, which will probably cause some disruption.<\/p>\n
The hacking group doesn\u2019t appear to have accessed customers\u2019 systems or Microsoft servers that run outward-facing products, the software giant said Friday in a\u00a0blog post<\/a><\/strong>.<\/p>\n Microsoft also has no evidence the group, named Midnight Blizzard, got into source code or artificial intelligence systems.<\/p>\n \u201cWe will act immediately to apply our current security standards to Microsoft-owned legacy systems and internal business processes, even when these changes might cause disruption to existing business processes,\u201d the company said. \u201cThis will likely cause some level of disruption.\u201d<\/p>\n The group that Microsoft deemed responsible, also known as \u201cNobelium,\u201d is a sophisticated nation-state hacking group that the\u00a0US government has tied<\/a>\u00a0<\/strong>to Russia.<\/p>\n The same group previously breached SolarWinds Corp., a US federal contractor, as part of a\u00a0massive cyber-espionage effort<\/a><\/strong>\u00a0against US federal agencies.<\/p>\n The company said hackers beginning in November used a \u201cpassword spray\u201d attack to infiltrate its systems. That technique, sometimes known as a \u201cbrute force attack,\u201d typically involves outsiders quickly trying multiple passwords on specific user names in order to try breaching targeted corporate accounts.<\/p>\n In this case, in addition to the accessed accounts, the attackers also took emails and attached documents. Microsoft said it detected the hack on Jan. 12, adding that the company is still notifying employees whose emails were accessed.<\/p>\n Eric Goldstein<\/strong><\/a>, executive assistant director for cybersecurity at the US Cybersecurity and Infrastructure Security Agency, said government officials are \u201cclosely coordinating with Microsoft to gain additional insights into this incident and understand impacts so we can help protect other potential victims.\u201d<\/p>\n Microsoft technology has frequently been the target of major hacking campaigns.<\/p>\n The US Cyber Safety Review Board, which reports to the Department of Homeland Security, is already assessing a 2023 intrusion against Microsoft Exchange Online that the company attributed to China-linked hackers.<\/p>\n That breach enabled the hack of senior US officials\u2019 email accounts and has prompted growing concerns about cloud computing security. Microsoft said in September it identified five different errors in how its systems that have \u201cbeen corrected.\u201d<\/p>\n In an interview with Bloomberg in 2023 following that breach, Jen Easterly, director of the agency that manages the board, suggested that\u00a0Microsoft should \u201crecapture the ethos<\/a><\/strong>\u201d of what Microsoft co-founder Bill Gates called \u201ctrustworthy computing\u201d in 2002, when he instructed employees to focus on security over adding new features.<\/p>\n \u201cI absolutely positively think they have to focus on ensuring their products are both secure by default and secure by design, and we are going to continue to work with them to urge them to do that,\u201d Easterly said of Microsoft.<\/p>\n