HP, Many More Companies May Have Been Breached By Russian Intelligence Group (msn.com) 27
"Security experts expect many more companies to disclose that they've been hacked by Russian intelligence agents who stole emails from executives," reports the Washington Post, "following disclosures by Microsoft and Hewlett-Packard Enterprise in the past week."
Microsoft said late Thursday that it had found more victims and was in the process of notifying them. A spokesperson declined to say how many. But three experts in and out of government said that the attack was deeper and broader than the disclosures to date reveal. Two said that more than 10 companies, and perhaps far more, are expected to come forward...
The Securities and Exchange Commission last year strengthened the rules that require companies to notify their stockholders of computer intrusions that could have a material impact on company results. That helped spur the recent disclosures.
A spokesperson for America's Department of Homeland Security said "at this time we are not aware of impacts to Microsoft customer environments or products," according to the article. (Although the Washington Post adds that "The Microsoft and HPE breaches are especially concerning because so many other companies and agencies rely on them for cloud services, including email.")
The attackers were potentially spying on Microsoft's senior leadership team "for weeks or months," reports the Verge, citing a newly-published analysis by Microsoft: Crucially, the non-production test tenant account that was breached didn't have two-factor authentication enabled. [A cyber-breaching group named Nobelium from Russia's foreign intelligence service] "tailored their password spray attacks to a limited number of accounts, using a low number of attempts to evade detection," says Microsoft. From this attack, the group "leveraged their initial access to identify and compromise a legacy test OAuth application that had elevated access to the Microsoft corporate environment...." This elevated access allowed the group to create more malicious OAuth applications and create accounts to access Microsoft's corporate environment and eventually its Office 365 Exchange Online service that provides access to email inboxes...
Hewlett Packard Enterprise (HPE) revealed earlier this week that the same group of hackers had previously gained access to its "cloud-based email environment." HPE didn't name the provider, but the company did reveal the incident was "likely related" to the "exfiltration of a limited number of [Microsoft] SharePoint files as early as May 2023."
The Securities and Exchange Commission last year strengthened the rules that require companies to notify their stockholders of computer intrusions that could have a material impact on company results. That helped spur the recent disclosures.
A spokesperson for America's Department of Homeland Security said "at this time we are not aware of impacts to Microsoft customer environments or products," according to the article. (Although the Washington Post adds that "The Microsoft and HPE breaches are especially concerning because so many other companies and agencies rely on them for cloud services, including email.")
The attackers were potentially spying on Microsoft's senior leadership team "for weeks or months," reports the Verge, citing a newly-published analysis by Microsoft: Crucially, the non-production test tenant account that was breached didn't have two-factor authentication enabled. [A cyber-breaching group named Nobelium from Russia's foreign intelligence service] "tailored their password spray attacks to a limited number of accounts, using a low number of attempts to evade detection," says Microsoft. From this attack, the group "leveraged their initial access to identify and compromise a legacy test OAuth application that had elevated access to the Microsoft corporate environment...." This elevated access allowed the group to create more malicious OAuth applications and create accounts to access Microsoft's corporate environment and eventually its Office 365 Exchange Online service that provides access to email inboxes...
Hewlett Packard Enterprise (HPE) revealed earlier this week that the same group of hackers had previously gained access to its "cloud-based email environment." HPE didn't name the provider, but the company did reveal the incident was "likely related" to the "exfiltration of a limited number of [Microsoft] SharePoint files as early as May 2023."
Re: Fear Mongers. (Score:4, Funny)
That's how you do humor! Five tsars!
Fund Ukraine properly already. (Score:5, Insightful)
Re:Fund Ukraine properly already. (Score:4, Insightful)
It's a difficult conversation because with the exception of you know... invading Ukraine... they're doing what every other nation that can does; rattle sabres and imply consequences if you don't give them what they want. Even on the 'invading neighbours' stuff you have the US taking questionable action with Iraq and Afghanistan.
However, I think it is rather obvious that there is a huge qualitative difference - as a Canadian I'd rather border the US than Russia. It's not even a contest. I'm nervous about the US going fascist under Trump, but even that would be better than having Putin next door.
Attempting to welcome Russia into the world community after the fall of the Soviet Union has obviously failed. They grabbed the olive branches and started whipping everyone with them. Failed culture, and we ought to isolate them unless and until they manage to develop into one you can get along with.
Re: (Score:3)
"Failed culture, and we ought to isolate them unless and until they manage to develop into one you can get along with"
I'm mostly in agreement but they're aligning with China & thanks to our rampant stupidity helping them become an economic powerhouse, keeping Russia isolated won't be easy. Not to mention if India joins that potential coalition
Re: (Score:2)
China will eat Russia alive; China is not looking to support Russia but to exploit it as it fails.
India... I can't tell if they're going to move left or right in the long run. Things have been generally improving there for a long time, but with climate change about to stress them it wouldn't surprise me if they swung hard right. But there's a lot of tension between India and China and I suspect Indians know the Chinese won't treat them as equals. And they can't go to Russia for much if China's eating it
Re: (Score:1)
To the point you are making: the US annexed part of Canada / international borders recently: https://www.state.gov/announce... [state.gov]
Re: (Score:2)
To be fair - there actually is ambiguity in how measurements are made to decide who should control the territory, and the US is sort of working under a treaty it hasn't even signed to work it out with us. That's under the current US government. I'd expect a rapid change under a Republican administration.
The bits about exploration and marine life are all bullshit, of course, it's the estimated 10 billion barrels of oil they (and probably we) want.
Isn't HP a shambling corpse at this point? (Score:2)
Re: (Score:1)
I have an HP laptop. No clue who actually made it. It was $300 at Target. About two months in the escape key failed and I sent it back for warranty repair. I got it back two months later, it was fixed at least. I'm actually super happy with it other than that snafu, and the fact that the video driver was crashing when I booted it into the preinstalled Windows. It runs Devuan pretty well, except that the Linux driver for the wlan freezes every few days. That is, admittedly, very sad. Maybe someday I'll bothe
Re: Isn't HP a shambling corpse at this point? (Score:2)
It's fragmented already and makes Dell look excellent.
Another target the hackers have attacked is Tietoevry, looks like they still have work to clean up their operation for the next two weeks.
Re: (Score:2)
I don't know about glory, but they are still pulling in more than $50 billion a year in revenue. Seems a little premature to call them "dead."
https://www.statista.com/stati... [statista.com].
Still (Score:2)
Russian Intelligence is oxymoronic. They do not have any intelligence. Granted, neither do American executives, so I guess it's a wash.
Re: Still (Score:2)
Haw haw Russia weak
Re: Still (Score:2)
You are underestimating their spy division that basically is unaltered since the Soviet era.
But their politicians and military are just dumb as rocks (sorry for the rocks that feels insulted).
Re: (Score:2)
The weak point of any authoritarian government, loyalty to the leader Trumps competence every time
Round and Round we go! (Score:2)
HPE not HP (Score:1)
I know this is hard, but they are different companies
Sue HP and the rest? (Score:2)
Who's going to be first to suggest that we should sue the victims?
Obligatory Yakov Smirnoff joke (Score:2)
Might be all of those 3rd party ink cartridges! (Score:1)
I think we now know who used hacked HP ink!
https://www.wired.com/story/hp... [wired.com]
show of hands to send HP to Russia? (Score:1)
So HP printer drivers... (Score:2)
Useful Microsoft idiots (Score:2)
Microsoft is Russia's most useful friend.