Russian hackers allegedly attempting to break into Microsoft's systems

Hackers linked to Russia's foreign intelligence are allegedly trying to break into Microsoft's systems, according to the technology software giant.

In January 2024, Microsoft had disclosed the breach saying that the digital intruders breached the company in November 2023 and were able to steal emails and documents from “a very small percentage of Microsoft corporate email accounts, including members of our senior leadership team and employees in our cybersecurity, legal, and other functions,” according to a statement from Microsoft’s Security Response Center.

Given that the hackers performed a “password spray attack” – a method that is believed to be used to guess employee passwords until the correct one was found – Microsoft has since encouraged its clients to use passwordless authentication, such as certificate-based authentication or CBA for stronger and simpler security.

Microsoft, which owns GitHub, a public repository of software code for various applications, said that the data the hackers allegedly stole was access to source code repositories and internal systems.

The software giant hinted that Midnight Blizzard, otherwise known as Cozy Bear, APT29 or Nobelium, a Russian state-sponsored group was responsible for the cybersecurity threat in a statement, although the Russian embassy in Washington has yet to respond to the allegations.

The alleged attempt poses a threat to national security, since Microsoft as one of the world's largest software makers provides digital services and infrastructure to the U.S. government. It may also affect several small to large-sized businesses that use Microsoft's services.

Since 2021, Microsoft's threat intelligence team has been investigating and sharing research on Nobelium when the group was found to be behind the SolarWinds cyberattack that compromised a raft of U.S. government agencies.