Microsoft said on Friday ”the email system accounts of employees of the company’s cybersecurity department and legal team, as well as members of the company’s management team, were affected by an attack”
Microsoft said in a statement that the hacking attack began in late November and was discovered on January 12, according to a blog post. Company said a Russian cyber intelligence group was also responsible for the SolarWinds attack.
According to the company, only a small organization with some Microsoft bank accounts was hacked and some emails and attachments were hacked.
A Microsoft spokesperson reveals
Microsoft could not immediately comment on which executives or how many member email accounts were affected. Microsoft said in an administrative statement on Friday that it may have until January 13 to remove the hackers’ access to the affected accounts.
Microsoft said: “We have notified employees whose emails were compromised. Our analysis shows that the main goal of hackers is to get information about their work from their email accounts” .
The announcement by Microsoft, US Securities and Exchange comes a month after the Commission implemented new rules requiring publicly traded companies to report security vulnerabilities that could affect their operations, which is a national security exemption.
Companies are required to report violations to the SEC
In a filing with the SEC on Friday, Microsoft said “as of the date of this petition, this matter has not affected the company’s operations.” But it said it has not yet “determined whether the situation is appropriate to impact a financial institution.”
Russia’s external security Agency SVR may gain access to Microsoft’s US headquarters in Redmond, Washington by capturing the credentials of an “old” math test that may contain previous numbers. The hacker’s brute force attack method is called “password spraying”.
Criminals are accused of trying to connect to multiple accounts using the same password. In a blog post published in August, Microsoft explained how its threat intelligence team discovered that the same Russian hacking group was trying to obtain credentials from at least 40 different international organizations, discussion Teams.
The company said on its blog that “this attack was not caused by a bug in Microsoft products or services.” “There is currently no evidence that the threat actor owns the customer’s source code, intelligence, manufacturing process, or environment. If action and more are necessary, we will be involved with the J.S. government department of the agency, as well as 100 people, including software and communications vendors.”
More than 1000 companies and product requests are included in this scope.
Intelligence gathering is one of the main objectives of the SVR. Most European and American think tanks, governments, embassies, IT service providers, etc. are focused on.
