Hackers with ties to the Russian military have exploited a serious flaw in Microsoft’s email software to target, and in some cases infiltrate, the networks of European military, energy and transportation organizations in an apparent espionage campaign that went undetected for months as the war in Ukraine intensified, Microsoft told its customers in a report obtained by CNN.
The report shows how Russian hacking can come to light, if at all, only months after it happened, despite Western governments and tech companies beefing up their defensive posture during the war.
As Russia’s military advance in Ukraine falters, Kremlin hacking teams have scoured the networks of Western logistics and transportation companies supporting Ukraine’s defenses for what could translate to battlefield or geopolitical advantages, according to cybersecurity experts and U.S. intelligence officials.
Leads from Ukrainian officials prompted Microsoft to investigate cyber activity and discover that Russian hackers had been exploiting previously unknown software vulnerabilities between April 2022 and December 2022, according to Microsoft.
Microsoft publicly disclosed the vulnerability on Tuesday, urging customers to update their software. Microsoft privately told customers that “fewer than 15” organizations had been targeted or compromised by Russian operatives.
Tech news outlet BleepingComputer was first to report on Microsoft’s advice to customers.
Microsoft told customers that hackers used stealth techniques to steal login details from victim organizations and then move further into an organization’s email folders. The technology company did not name the targeted organizations.
Microsoft blames a hacking group that U.S. officials have publicly linked to Russia’s GRU military intelligence service. U.S. officials claim that hackers from the same agency breached the servers of the Democratic National Committee as part of a sweeping effort to undermine Hillary Clinton’s candidacy in the 2016 U.S. presidential election.
Russia has denied specific allegations by the U.S. and others that it carried out cyber attacks. CNN has contacted Microsoft and the Russian embassy in Washington about Microsoft’s suggestion.
U.S. officials had braced for possible collateral damage to U.S. organizations from alleged Russian hacking operations in Ukraine and elsewhere during the war, but the knock-on effects largely failed to materialize.
Microsoft accuses another GRU-linked hacking team of carrying out ransomware attacks against transportation and logistics organizations in Ukraine and Poland in October, but there were no reports of spillover to other organizations.