Microsoft said that as part of its usual notification processes, “we have begun notifying these targeted organisations”.
Elevate Your Tech Prowess with High-Value Skill Courses
Offering College | Course | Website |
---|---|---|
Indian School of Business | ISB Product Management | Visit |
MIT | MIT Technology Leadership and Innovation | Visit |
IIM Lucknow | IIML Executive Programme in FinTech, Banking & Applied Risk Management | Visit |
The Microsoft security team detected a nation-state attack on its corporate systems on January 12, and immediately activated its response process to investigate, disrupt malicious activity, mitigate the attack, and deny the threat actor further access.
The Microsoft Threat Intelligence investigation identified the threat actor as Midnight Blizzard, the Russian state-sponsored actor also known as Nobelium.
“It’s important to note that this investigation is still ongoing, and we will continue to provide details as appropriate,” the company said.
‘Midnight Blizzard’ is a Russia-based threat actor attributed by the US and UK governments as the Foreign Intelligence Service of the Russian Federation, also known as the SVR.
Discover the stories of your interest
This threat actor is known to primarily target governments, diplomatic entities, non-governmental organizations (NGOs) and IT service providers, primarily in the US and Europe.”Their focus is to collect intelligence through longstanding and dedicated espionage of foreign interests that can be traced to early 2018,” according to Microsoft.
Their operations often involve compromise of valid accounts and, in some highly targeted cases, advanced techniques to compromise authentication mechanisms within an organisation to expand access and evade detection.