Already a subscriber? Make sure to log into your account before viewing this content. You can access your account by hitting the “login” button on the top right corner. Still unable to see the content after signing in? Make sure your card on file is up-to-date.
Microsoft disclosed on Friday that Russian hackers, identified as the state-sponsored group Midnight Blizzard, have been actively attempting to breach Microsoft’s systems using stolen data from a previous intrusion.
The attackers are leveraging information originally extracted from Microsoft’s corporate email systems in their efforts to gain unauthorized access. This malicious activity builds on Microsoft’s January revelation of a nation-state attack orchestrated by Midnight Blizzard, during which the hackers accessed a small fraction of corporate email accounts, including those of some senior leadership team members.
In a statement, Microsoft said, “It is apparent that Midnight Blizzard is attempting to use secrets of different types it has found,” referring to confidential information shared between the company and its customers through email. The tech giant is proactively notifying affected customers and providing guidance on mitigative actions. Furthermore, the frequency of specific attack techniques like password sprays—a method where the same password is tried across various accounts—saw a dramatic increase in February, with Microsoft reporting a tenfold rise in such activities.
Microsoft added, “Midnight Blizzard’s ongoing attack is characterized by a sustained, significant commitment of the threat actor’s resources, coordination, and focus. It may be using the information it has obtained to accumulate a picture of areas to attack and enhance its ability to do so.”