Illustration: The Verge
Microsoft revealed last week that it had discovered a nation-state attack on its corporate systems from the Russian state-sponsored hackers that were behind the SolarWinds attack. Hackers were able to access the email accounts of some members of Microsoft’s senior leadership team — potentially spying on them for weeks or months.
While Microsoft didn’t provide many details on how the attackers gained access in its initial SEC disclosure late on Friday, the software maker has now published an initial analysis of how the hackers got past its security. It’s also warning that the same hacking group, known as Nobelium or as the “Midnight Blizzard” weather-themed moniker Microsoft refers to them, has been targeting other organizations.