Senior Leaders’ Emails Accessed by State-Sponsored Attackers, Microsoft Confirms

Blog
Senior Leaders’ Emails Accessed by State-Sponsored Attackers, Microsoft Confirms

Microsoft has revealed that a cyber attack by a nation-state backed group called Midnight Blizzard took place in November 2023. The group accessed some Microsoft corporate emails and documents through compromised email accounts. The attackers utilized a legacy test tenant account to gain access and were able to access a small number of corporate email accounts, including those of senior leadership team members and individuals in cybersecurity and legal teams. However, there is no evidence that the threat actors had access to customer environments, production systems, source code, or AI systems. Microsoft will notify customers if any action is required.

In a separate development, HPE also reported being breached by the Midnight Blizzard group, with data taken from their cloud-based email environment from May 2023. While investigations are still ongoing, it is unclear if the attacks on HPE and Microsoft are related.

The attack on Microsoft’s email accounts was carried out using a technique known as a password spray attack. This involves spamming commonly used passwords against multiple accounts within an organization to gain unauthorized access. To defend against such attacks, organizations are advised to implement multifactor authentication, keep track of older and test accounts, and use up-to-date SIEM software. Companies should also educate employees on the importance of strong passwords, 2FA, and the risks of social engineering attacks and insecure password sharing.

Nation-state actors pose a significant cybersecurity threat in 2024, highlighting the need for thorough incident response plans and threat intelligence monitoring, especially for organizations that might be specifically targeted. Microsoft acknowledges the need to strike a balance between security and business risk, stating that their incident has prompted them to apply their current security standards to legacy systems and internal processes, even if it causes disruptions.

TechRepublic contacted Microsoft for further information, and the company directed them to their blog post for updates.

Unlock your business potential with our expert guidance. Get in touch now!

Contact us
AI & Neural Networks Applications Big Data and Data Analysis Blockchain Cloud Computing and Services Digital Marketing in IT Digital Transformation E-commerce Technologies GLOBUS.studio GLOBUS.studio IT Consulting and Strategies IT for Businesses IT Security and Cybersecurity Learning Mobile Development News Project Management SaaS Solutions SEO/SMO/SMM Software Development Technologies Uncategorised UX/UI Web Development
flag-of-the-european-union-2023-11-27-05-29-39-utc-envato-steveallenphoto999-1.jpg

Apple Removes Thousands of Apps to Comply with Digital Services Act Regulations

  • GLOBUS.studio
FeatureImage_Young_Woman_Holding_Credit_Card_and_Using_a_Laptop.jpg

Top 6 Credit Unions for Business Accounts in 2025

  • GLOBUS.studio
tr_20240220-consultio-pro-lifetime-access.jpg

Unlock Lifetime Access to 50+ AI Experts with Consultio Pro for Just $29.99!

  • GLOBUS.studio
huawei-featured-feb-25.jpg

Huawei Launches Its First Tri-Fold Smartphone Globally

  • GLOBUS.studio
tr_20230929-internxt-cloud-storage-lifetime-subscription-2tb-plan.jpg

Secure 2TB Lifetime Cloud Storage Plan from Internxt for Just $91!

  • GLOBUS.studio
tr_20250216-arm-cpu-qualcomm-nvidia.jpg

Arm Surprises Semiconductor Industry with Potential Plan to Sell Its Own Chips

  • GLOBUS.studio
strategy_a200792738.jpg

A Journey Toward Enhanced Data Engineering

  • GLOBUS.studio

Explore More

Your Gateway to Useful Resources