
Hacking of Microsoft by Russian hackers and its significance in the field of cybersecurity

After a Russian-aligned hacker group gained access to the email accounts of Microsoft’s top executives, CrowdStrike CEO George Kurtz said in a TV interview that the disclosure contained “scant” details that did not explain what really happened.

CrowdStrike Chief Executive Officer George Kurtz criticized Microsoft for providing “scant” details about the hack that affected senior Microsoft executives and suggested that the disclosure did not provide a meaningful explanation of how the incident occurred.

Kurtz, whose company is Microsoft’s main competitor in many segments of the cybersecurity market, made the comments on Monday during an interview on CNBC.


On Friday, January 19, Microsoft reported that a Russian-linked threat actor had stolen emails from members of its senior management team, as well as employees of its cybersecurity and legal departments. The details of this incident are covered by CRN with a comment from the CEO of CrowdStrike.

The tech giant attributed the attack to a group it tracks as Midnight Blizzard, which it previously tracked as Nobelium and which it holds responsible for the large-scale SolarWinds hack in 2020.

The names of the Microsoft executives whose accounts were affected were not disclosed.

In its announcement on Friday, Microsoft said the incident began with a password spray attack in late November 2023 that compromised “an account of an outdated, non-production test tenant.”

In an interview with CNBC, Kurtz emphasized that this explanation for the Microsoft hack is not entirely true.

“I’m confused, because what Microsoft talks about is [that] it was a non-production test environment. So how does a non-production test environment lead to the compromise of the most senior officials in Microsoft [and] their emails?” he said. “I think there’s a lot more that’s going to come out on this.”

In his criticism, Kurtz also referred to the timing of the Microsoft disclosure, which was released on Friday after the stock market closed for the weekend.

In addition to the blog post, Microsoft discussed the incident in a filing with the U.S. Securities and Exchange Commission on Friday, as part of its compliance with recently introduced cyberattack disclosure rules for public companies.

“When you drop this on a Friday at five o’clock, and you have scant details, I think there’s more to come on it,” Kurtz said during the CNBC interview.

Microsoft declined to comment further to CRN on Tuesday.

In its announcement on Friday, Microsoft said that the attackers used permissions from the initially compromised account to “access a very small percentage of Microsoft’s corporate email accounts, including those of members of our senior management team and employees from cybersecurity, legal and other functions, and stole some emails and attached documents.” The hack also affected accounts belonging to the company’s cybersecurity and legal staff, as well as “other functions,” Microsoft said.

Microsoft said that its security team learned about the compromise after it detected “an attack by a state actor on our corporate systems” on January 12, 2024.

Secure Future Initiative

In its post, Microsoft also made two references to its Secure Future Initiative, a set of major changes announced in early November 2023 aimed at improving Microsoft’s security, as well as the security of its widely used platforms.

“As part of our ongoing commitment to transparency, recently affirmed in our Secure Future Initiative (SFI), we are sharing the latest news,” Microsoft said in a statement on Friday.

During an interview with CNBC on Monday, Kurtz questioned the emphasis that Microsoft placed on this initiative in its disclosure.

“When you look at some of the things that Microsoft talks about [in the disclosure], it’s secure initiatives and it’s marketing around this,” he said. “If they spent some more time on coming clean on what happened here and less on the marketing and papering over it, I think it would be good for the industry.”

A series of hacker attacks

The incident followed last year’s high-profile hacking of Microsoft cloud email accounts belonging to several US government agencies.

The attack, discovered in June 2023, is believed to have affected the emails of Commerce Secretary Gina Raimondo, as well as US Ambassador to China Nicholas Burns and officials at the Department of Commerce. According to reports, a total of 60,000 emails were stolen from 10 US State Department accounts in the China-related compromise.

A frequent critic of Microsoft’s security, Kurtz told CRN in an interview in 2023 that the cloud email hack was an example of how Microsoft’s security “failures” had jeopardized the US government and businesses.

Ultimately, Microsoft’s security problems “put millions and millions – tens of millions – of customers at risk,” he told CRN earlier.

Kurtz, who is also the co-founder of CrowdStrike, echoed these comments in an interview with CNBC on Monday. “I think what you’re seeing here is a systemic failure at Microsoft that is putting not only their customers at risk, but also the U.S. government, which is a big customer,” he said.

The Microsoft paradox in the context of cybersecurity

Microsoft has always been a popular target for attackers. When you have the world’s dominant operating system and a significant market share in email platforms, productivity software, cloud services, and applications, attackers will try to find weaknesses that can be exploited.

The situation is complicated by the fact that Microsoft is not only a software and operating system provider, but also one of the leaders in the cybersecurity market. It offers tools and services to protect against cyberattacks, which often target vulnerabilities in its own products.

In the digital world, where the number of threats is constantly growing and attackers are finding new methods to achieve their goals, it is important to stay one step ahead of the attackers and ensure your infrastructure has reliable solutions to protect against cyber incidents.

The iIT Distribution portfolio includes solutions from industry-recognized vendors. Our partners, clients, and organizations of any size can request a trial version of any vendor’s solutions through the feedback form on our website. Stay safe and secure!
