- Russian hacking group Nobelium has escalated password spray attacks on Microsoft by 10x to access sensitive information shared between Microsoft and customers.
- In response, Microsoft has ramped up security investments, monitoring, and access controls. It first reported Nobelium’s cyber intrusion in January.
- Nobelium is linked to Russia’s SVR intelligence agency. Microsoft remains locked in a cybersecurity battle with the group, cooperating with agencies and customers to mitigate threats.
Microsoft revealed on Friday that the Russian hacking group known as Nobelium has been attempting to infiltrate its internal systems and source code repositories in recent weeks. This is the latest phase of an ongoing cyber campaign that began earlier this year.
Attempts to Access Sensitive Information
The tech giant said it has observed Nobelium, which it refers to as Midnight Blizzard, escalating certain tactics like password spray attacks by 10x compared to January. The group’s goal appears to be accessing secrets shared between Microsoft and its customers. While no customer data or systems have been compromised so far, Microsoft is reaching out to affected parties.
Enhanced Security Measures
In response to Nobelium’s relentless attacks, Microsoft has ramped up security investments and monitoring. It has also implemented more robust access controls. The company first reported Nobelium’s cyber intrusion in January, when the hackers breached email accounts of executives. At the time, Microsoft stated there was no evidence of compromised customer data or source code.
Connections to Russian Intelligence
U.S. authorities have linked Nobelium to Russia’s foreign intelligence service, SVR. The group is also known as Cozy Bear or APT29. Russia has been accused of numerous cyberattacks on Western nations and corporations during its war on Ukraine. Last year, Britain reported that Russia conducted a multi-year hacking campaign aimed at undermining democracy.
Conclusion
Microsoft remains locked in a cybersecurity battle with Russian state-sponsored hackers. It is cooperating with government agencies and customers to mitigate the effects of Nobelium’s espionage efforts. Bolstering defences and vigilance will be key to defeating these types of threats.
