Microsoft Corporation MSFT has begun notifying organizations that they may be under attack from a Russian-backed hacking group previously implicated in a breach of the tech giant’s own executive emails.
What Happened: Microsoft’s Threat Intelligence team has identified the hacking group known as Midnight Blizzard, the Russian state-sponsored actor also known as NOBELIUM as the suspected party targeting these organizations, the company said in a blog post on Thursday.
“Using the information gained from Microsoft’s investigation into Midnight Blizzard, Microsoft Threat Intelligence has identified that the same actor has been targeting other organizations and, as part of our usual notification processes, we have begun notifying these targeted organizations,” the company said, adding, “It’s important to note that this investigation is still ongoing, and we will continue to provide details as appropriate.”
The activities of this group have evidently expanded beyond Microsoft, as Hewlett Packard Enterprise Co. HPE also reported a breach of its cloud-based email system, believed to be orchestrated by Midnight Blizzard.
Microsoft previously disclosed that the group had compromised a “legacy non-production test tenant account,” which was used to access a “small number” of email accounts, including those of senior leadership and employees involved in cybersecurity and legal, reported Bloomberg.
Why It Matters: Previously, CrowdStrike CRWD CEO George Kurtz explained the challenges of dealing with Russian hackers, specifically Nobelium, stating their operations are “low and slow,” making them difficult to detect.
“This is a very determined adversary, but we’ve seen Cozy Bear in many different accounts, and the thing that makes them so difficult is they’re low and slow, the way they operate,” he said.
Nobelium’s recent intrusion into Microsoft is just one instance of Russian hackers grabbing attention.
In August last year, there were reports of Russian hackers unveiling a novel tool called Hidden Virtual Network Computer or VNC, designed to provide complete access to Apple Mac devices, enabling them to pilfer personal data and login credentials.
Check out more of Benzinga’s Consumer Tech coverage by following this link.
This content was partially produced with the help of Benzinga Neuro and was reviewed and published by Benzinga editors.