The U.S. federal government recently fell victim to a cyberattack orchestrated by Russian hackers, exploiting a vulnerability in Microsoft. According to reports, the attack occurred last week, specifically on January 12, and was carried out by Midnight Blizzard, a Russian-backed hacking group. This same group was also involved in the 2020 SolarWinds cyberattacks.
The hackers managed to bypass Microsoft’s security measures using a technique known as a “password spraying attack”. In this type of attack, the pirates try the same password across multiple accounts before moving on to others. Through this tactic, they targeted predictable passwords and compromised an inherited test account. They then used these permissions to access other accounts and gain entry to corporate emails.
Although the impact was limited, some senior leadership team members at Microsoft and personnel from the cybersecurity and legal departments were affected. The multinational corporation views this incident as a stark reminder of the constant risk and threat posed by groups like Midnight Blizzard.
This incident underscores the need for maintaining robust security and staying vigilant against potential cyberattacks. Microsoft has released a detailed report on the Russian cyberattacks and the actions taken to safeguard individuals and organizations.