Russian cybercriminal intrusion at Microsoft

Posted date 18/03/2024

Microsoft has confirmed that it is continuing to manage the access to the company's senior executives' email accounts last November, allegedly perpetrated by Russian attackers. These intruders, allegedly linked to the foreign intelligence service SVR, have been attempting to break into customers' networks using illicitly obtained access information.

The technology company revealed that the attackers managed to compromise source code repositories and internal systems using data obtained during the intrusion. The compromised information includes cryptographic secrets, such as passwords, certificates and authentication keys exchanged between Microsoft and some of its customers.

According to recent reports, Hewlett Packard Enterprise has also been affected by these attacks, highlighting the seriousness and scope of the problem. Although Microsoft has been working to contain the situation, experts warn of the continuing threat posed by these cyber attackers, known as Cozy Bear, who were also behind the SolarWinds attack.