Russian state-backed hackers gained access to some of Microsoft’s core software systems in a hack first disclosed in January, the company revealed on Friday. This intrusion into Microsoft’s systems is more extensive and serious than previously known.
Microsoft stated that the hackers have utilized information stolen from its corporate email systems in recent weeks to access “some of the company’s source code repositories and internal systems,” as disclosed in a filing with the US Securities and Exchange Commission.
Source code is highly sought after by corporations and spies aiming to breach them because it constitutes the confidential foundation of a software program, enabling its functionality. Hackers who obtain access to source code can leverage it for subsequent attacks on other systems.
Microsoft initially disclosed the breach in January, shortly before another major tech company, Hewlett Packard Enterprise, reported that the same hackers had infiltrated its cloud-based email systems. While the complete scope and specific objectives of the hacking activity remain unclear, experts suggest that the group responsible has a track record of conducting extensive intelligence gathering campaigns in support of the Kremlin.
The hacking group was responsible for the notorious breach of several US agency email systems using software created by US contractor SolarWinds, which came to light in 2020. The hackers maintained access to the unclassified email accounts of departments such as Homeland Security and Justice, among others, for months before the espionage operation was uncovered.
US officials have attributed the hacking group to Russia’s foreign intelligence service, although Russia has denied involvement in the operation.
Since the 2020 hack, Russian hackers have continued to infiltrate widely used tech firms as part of their espionage campaigns, according to US officials and private experts. Regarding the recent activity, the hackers may be leveraging the information stolen from Microsoft “to gather intelligence on areas to target and enhance their ability to do so,” the company stated in a blog post accompanying the SEC filing.
