In January this year, an alarm was raised by Microsoft Security that Russian State-Sponsored cyber-attackers (Russian-linked criminal group Midnight Blizzard (also known as Nobelium) along with other names) had breached a number of systems and email accounts.
Since then, SecureSphere has been continuing to follow the unfolding story with interest.
It has now come to light that the cyber-attackers may have stolen the “Keys to the Kingdom” which includes but not limited to cryptographic secrets such as passwords, certificates, and authentication keys, and source code.
If this is true, then this cyber-attack is extremely concerning as it will affect not just businesses and organisations but also home users as the cyber-attackers will be able to use the information stolen to create further attacks using zero-day vulnerabilities and other undiscovered security flaws.
One of the other implications, is that the cyber-attackers could sell some or all of the information stolen on the Dark Web. This would raise the prospect of global cyber-attacks from multiple groups using the same and/or different zero-day vulnerabilities and other undiscovered security flaws.
Due to the ongoing nature of the cyber-attack and the currently slow release of information to Cybersecurity professionals from Microsoft, very little is known as to how the cyber-attackers breached Microsoft.
SecureSphere (NZ) is continuing closely to follow this event and any fall-out from it and will update with any information as it becomes available.