Microsoft said that it was still trying to remove Russian hackers from its systems but had not yet succeeded so far.
The tech giant said that Russian government hackers had broken into the email accounts of senior Microsoft executives since last November and have since been trying to get access to its customer data.
The tech giant had first disclosed this in a blog and a regulatory filing it had made with the US Securities and Exchange Commission (SEC) in mid-January.
The attack is believed to have been carried out by Russia’s foreign intelligence service (SVR). According to the US Cyber Defense Agency, the SVR is the cyber arm of Russia’s foreign intelligence service.
In a report, it stated: “SVR cyber operations have posed a longstanding threat to the United States. Prior to 2018, several private cyber security companies published reports about APT 29 operations to obtain access to victim networks and steal information, highlighting the use of customized tools to maximize stealth inside victim networks and APT 29 actors’ ability to move within victim environments undetected.”
According to a CNN report, Microsoft’s filing with the SEC also disclosed that the Russian hackers had used their hack of Microsoft’s corporate email systems to access “some of the company’s source code repositories and internal systems.”
The report added that access to source code can be used by the hackers to carry out further attacks on other systems.
Cyber experts believe that this means that the hackers can now potentially launch hacks directly on Microsoft’s customers.
According to AP, Hewlett Packard Enterprise also disclosed in January that it was an SVR hacking victim. It did not say when it was hacked.
Russia has so far denied any involvement but fears that this hack could lead to a potential cyber war persist.
This is not the first time that Microsoft has levelled accusations against Russia. In September 2020, the company accused Russian, Chinese, and Iranian hackers of trying to break into US campaigns online according to CNN.
Accusations by companies and states of hackers operating from other nations have intensified in recent times. South Korea recently accused North Korean hackers of hacking the personal emails of one of its presidential aides.