- Home
- Cybercrime
- Microsoft facing new attacks from Midnight Blizzard
Microsoft facing new attacks from Midnight Blizzard
On March 8, 2024, Microsoft reviewed the consequences of the Midnight Blizzard cybercriminal group’s intrusion into its professional email inboxes, in November of 2023. The Redmont-based firm identified the compromise on January 12, 2024, and disclosed it on January 19, 2024. Midnight Blizzard, also known as Nobelium, is a group with ties to Russia, probably an offshoot of Moscow’s Foreign Intelligence Service.
According to Microsoft, Midnight Blizzard recently used “information initially exfiltrated from our corporate email systems to gain, or attempt to gain, unauthorized access.” The cybercriminals are believed to have gotten their hands on source code and various internal corporate systems. “To date we have found no evidence that Microsoft-hosted customer-facing systems have been compromised,” reassures the web giant.
Nonetheless, the rate of cyber attacks remains very high. “Midnight Blizzard has increased the volume of some aspects of the attack, such as password sprays, by as much as tenfold in February, compared to the already large volume we saw in January 2024,” reads the blog post. Password sprays are a type of brute-force attack that targets several accounts simultaneously, instead of just one.
According to Microsoft, the multiple attacks show that Midnight Blizzard has significant human, technical and financial resources. The tech giant explains that, in response, it strengthened cybersecurity funding and communication between its various subsidiaries. Moreover, the company stated it has alerted all partners that might have had “secrets” intercepted by Midnight Blizzard.
the newsletter
the newsletter