(Updated – March 8, 2024 at 9:00 AM ET)
This weblog supplies the newest details about a nation-state assault detected by the Microsoft (NYSE: MSFT) safety group on January 12, 2024. As we now have already shared, our safety group detected this assault on company e mail methods on January nineteenth. We instantly started the response course of. Microsoft Threat Intelligence investigation recognized the attacker as Russian state-run menace actor Midnight Blizzard, often known as NOBELIUM.
As we stated on the time, the investigation is ongoing and we’ll present extra particulars as wanted.
It’s clear that Midnight Blizzard is trying to make use of the various kinds of secrets and techniques it discovers. Some of this delicate info was shared by e mail between clients and Microsoft, and since we found this delicate info in leaked emails, we now have had and are at the moment offering mitigations to those clients. We are reaching out to you that will help you take motion. Midnight Blizzard elevated the amount of a few of its assaults, resembling password spraying, by as a lot as 10 occasions in February 2024, in comparison with the amount already seen in January 2024.
Midnight Blizzard’s sustained assaults are characterised by a sustained and important dedication of menace actor assets, coordination, and focus. The info obtained could also be used to build up photographs of the goal space and improve its capabilities. This displays a broader and unprecedented world menace panorama, notably when it comes to superior state assaults.
Across Microsoft, we now have elevated safety investments, cross-company coordination and mobilization to strengthen our skill to defend towards this superior and protracted menace and defend and harden our environments. We have applied and can proceed to implement additional enhanced safety controls, detection, and monitoring.
An energetic investigation into Midnight Blizzard’s actions is ongoing and our findings will proceed to evolve. We stay dedicated to sharing what we now have realized.