Current:Home > NewsMicrosoft says it hasn’t been able to shake Russian state hackers-LoTradeCoin
Microsoft says it hasn’t been able to shake Russian state hackers
View Date:2024-12-23 23:52:51
BOSTON (AP) — Microsoft said Friday it’s still trying to evict the elite Russian government hackers who broke into the email accounts of senior company executives in November and who it said have been trying to breach customer networks with stolen access data.
The hackers from Russia’s SVR foreign intelligence service used data obtained in the intrusion, which it disclosed in mid-January, to compromise some source-code repositories and internal systems, the software giant said in a blog and a regulatory filing.
A company spokesman would not characterize what source code was accessed and what capability the hackers gained to further compromise customer and Microsoft systems. Microsoft said Friday that the hackers stole “secrets” from email communications between the company and unspecified customers — cryptographic secrets such as passwords, certificates and authentication keys —and that it was reaching out to them “to assist in taking mitigating measures.”
Cloud-computing company Hewlett Packard Enterprise disclosed on Jan. 24 that it, too, was an SVR hacking victim and that it had been informed of the breach — by whom it would not say — two weeks earlier, coinciding with Microsoft’s discovery it had been hacked.
“The threat actor’s ongoing attack is characterized by a sustained, significant commitment of the threat actor’s resources, coordination, and focus,” Microsoft said Friday, adding that it could be using obtained data “to accumulate a picture of areas to attack and enhance its ability to do so.” Cybersecurity experts said Microsoft’s admission that the SVR hack had not been contained exposes the perils of the heavy reliance by government and business on the Redmond, Washington, company’s software monoculture — and the fact that so many of its customers are linked through its global cloud network.
“This has tremendous national security implications,” said Tom Kellermann of the cybersecurity firm Contrast Security. “The Russians can now leverage supply chain attacks against Microsoft’s customers.”
Amit Yoran, the CEO of Tenable, also issued a statement, expressing both alarm and dismay. He is among security professionals who find Microsoft overly secretive about its vulnerabilities and how it handles hacks.
“We should all be furious that this keeps happening,” Yoran said. “These breaches aren’t isolated from each other and Microsoft’s shady security practices and misleading statements purposely obfuscate the whole truth.”
Microsoft said it had not yet determined whether the incident is likely to materially impact its finances. It also said the intrusion’s stubbornness “reflects what has become more broadly an unprecedented global threat landscape, especially in terms of sophisticated nation-state attacks.”
The hackers, known as Cozy Bear, are the same hacking team behind the SolarWinds breach.
When it initially announced the hack, Microsoft said the SVR unit broke into its corporate email system and accessed accounts of some senior executives as well as employees on its cybersecurity and legal teams. It would not say how many accounts were compromised.
At the time, Microsoft said it was able to remove the hackers’ access from the compromised accounts on or about Jan. 13. But by then, they clearly had a foothold.
It said they got in by compromising credentials on a “legacy” test account but never elaborated.
Microsoft’s latest disclosure comes three months after a new U.S. Securities and Exchange Commission rule took effect that compels publicly traded companies to disclose breaches that could negatively impact their business.
veryGood! (291)
Related
- A herniated disc is painful, debilitating. How to get relief.
- A Texas execution is renewing calls for clemency. It’s rarely granted
- 2 sisters from Egypt were among those killed in Mexican army shooting
- San Francisco’s first Black female mayor is in a pricey battle for a second term
- Shocked South Carolina woman walks into bathroom only to find python behind toilet
- Why Tom Selleck Was Frustrated Amid Blue Bloods Coming to an End
- How Jacob Elordi Celebrated Girlfriend Olivia Jade Giannulli’s 25th Birthday
- Aurora Culpo Shares Message on Dating in the Public Eye After Paul Bernon Breakup
- South Carolina lab recaptures 5 more escaped monkeys but 13 are still loose
- Early Amazon Prime Day Travel Deals as Low as $4—86% Off Wireless Phone Chargers, Luggage Scales & More
Ranking
- NFL overreactions: New York Jets, Dallas Cowboys going nowhere after Week 10
- 'That '90s Show' canceled by Netflix, show's star Kurtwood Smith announces on Instagram
- Former New York governor and stepson assaulted during evening walk
- Mets shock everybody by naming long-injured ace Kodai Senga as Game 1 starter vs. Phillies
- Texas now tops in SEC? Miami in trouble? Five overreactions to college football Week 11
- Battered community mourns plastics factory workers swept away by Helene in Tennessee
- Bad News, Bears? States Take Legal Actions to End Grizzlies’ Endangered Species Protections
- Federal Highway Officials Reach Agreement With Alabama Over Claims It Discriminated Against Flooded Black Residents
Recommendation
-
When does 'Dune: Prophecy' come out? Release date, cast, where to watch prequel series
-
Joe Musgrove injury: Padres lose pitcher to Tommy John surgery before NLDS vs. Dodgers
-
City of Boise's video of 'scariest costume ever,' a fatberg, delights the internet
-
Indiana coach Curt Cignetti guaranteed $3.5 million with Hoosiers reaching bowl-eligibility
-
Shaun White Reveals How He and Fiancée Nina Dobrev Overcome Struggles in Their Relationship
-
Major cases before the Supreme Court deal with transgender rights, guns, nuclear waste and vapes
-
AP News Digest - California
-
In Competitive Purple Districts, GOP House Members Paint Themselves Green