\n
![](\"https:\/\/content.fortune.com\/wp-content\/uploads\/2024\/03\/AP24069014153138-e1710000321324.jpg?w=2048\")
<\/p>\n [ad_1]
\n<\/p>\n
Microsoft<\/a> said Friday it\u2019s still trying to evict the elite Russian government hackers who broke into the email accounts of senior company executives in November and who it said have been trying to breach customer networks with stolen access data.<\/p>\n The hackers from Russia\u2019s SVR foreign intelligence service used data obtained in the intrusion, which it\u00a0disclosed in mid-January<\/a>, to compromise some source-code repositories and internal systems, the software giant said\u00a0in a blog<\/a>\u00a0and a\u00a0regulatory filing<\/a>.<\/p>\n A company spokesman would not characterize what source code was accessed and what capability the hackers gained to further compromise customer and Microsoft systems. Microsoft said Friday that the hackers stole \u201csecrets\u201d from email communications between the company and unspecified customers \u2014 cryptographic secrets such as passwords, certificates and authentication keys \u2014and that it was reaching out to them \u201cto assist in taking mitigating measures.\u201d<\/p>\n Cloud-computing company Hewlett Packard Enterprise\u00a0disclosed on Jan. 24<\/a>\u00a0that it, too, was an SVR hacking victim and that it had been informed of the breach \u2014 by whom it would not say \u2014 two weeks earlier, coinciding with Microsoft\u2019s discovery<\/a> it had been hacked.<\/p>\n \u201cThe threat actor\u2019s ongoing attack is characterized by a sustained, significant commitment of the threat actor\u2019s resources, coordination, and focus,\u201d Microsoft said Friday, adding that it could be using obtained data \u201cto accumulate a picture of areas to attack and enhance its ability to do so.\u201d Cybersecurity experts said Microsoft\u2019s admission that the SVR hack had not been contained exposes the perils of the heavy reliance by government and business on the Redmond, Washington, company\u2019s software monoculture \u2014 and the fact that so many of its customers are linked through its global cloud network.<\/p>\n \u201cThis has tremendous national security implications,\u201d said Tom Kellermann of the cybersecurity firm Contrast Security. \u201cThe Russians can now leverage supply chain attacks against Microsoft\u2019s customers.\u201d<\/p>\n Amit Yoran, the CEO of Tenable, also issued a statement, expressing both alarm and dismay. He is among security professionals who find Microsoft overly secretive about its vulnerabilities and how it handles hacks.<\/p>\n \u201cWe should all be furious that this keeps happening,\u201d Yoran said. \u201cThese breaches aren\u2019t isolated from each other and Microsoft\u2019s shady security practices and misleading statements purposely obfuscate the whole truth.\u201d<\/p>\n Microsoft said it had not yet determined whether the incident is likely to materially impact its finances. It also said the intrusion\u2019s stubbornness \u201creflects what has become more broadly an unprecedented global threat landscape, especially in terms of sophisticated nation-state attacks.\u201d<\/p>\n The hackers, known as Cozy Bear, are the same hacking team behind the\u00a0SolarWinds breach<\/a>.<\/p>\n When it initially announced the hack, Microsoft said the SVR unit broke into its corporate email system and accessed accounts of some senior executives as well as employees on its cybersecurity and legal teams. It would not say how many accounts were compromised.<\/p>\n At the time, Microsoft said it was able to remove the hackers\u2019 access from the compromised accounts on or about Jan. 13. But by then, they clearly had a foothold.<\/p>\n It said they got in by compromising credentials on a \u201clegacy\u201d test account but never elaborated.<\/p>\n Microsoft\u2019s latest disclosure comes three months after\u00a0a new U.S. Securities and Exchange Commission rule<\/a>\u00a0took effect that compels publicly traded companies to disclose breaches that could negatively impact their business.<\/p>\n<\/div>\n\nSubscribe to the Eye on AI newsletter to stay abreast of how AI is shaping the future of business. Sign up<\/a> for free.<\/div>\n