A month after Microsoft announced that Russian hackers had hacked internal email accounts, the unwanted visitors aren’t yet gone. Security experts are (once again) not kind to Microsoft.

At the end of January, Microsoft admitted that Russian hackers from the Midnight Blizzard collective had penetrated its own internal network. Immediately Password spray attack They accessed some senior executives’ email accounts. This included access to some of the company’s source code repositories and internal systems, the company said in an update on the case.

Although Microsoft initially announced that it had blocked the intruders’ access to the email accounts on January 13th, it turns out that it is not so easy to get the hackers fully up to date. Midnight Blizzard would keep trying to invade again: the number of attack attempts has increased tenfold since February. So far, the company claims that customers have nothing to worry about.

“Midnight Blizzard’s sustained attack is characterized by a sustained, significant deployment of resources, coordination and focus. “This reflects an unprecedented global threat landscape, particularly with regard to sophisticated nation-state attacks,” Microsoft’s security team said.

Risk of attacks on the supply chain

Cybersecurity experts are watching what is happening at Microsoft with great concern. The software company has been criticized several times in the past for its security practices. In addition, the Midnight Blizzard hackers are no strangers to Microsoft: the collective has used Microsoft services to create victims on several occasions in the past. Midnight Blizzard was also behind the infamous SolarWinds hack.

“It’s a bit scary that one of the largest software providers in the world is still learning things about security on its own,” Jerome Segura of Malwarebytes told Reuters. “As a customer, you don’t have the certainty that nothing major will happen. The attackers could use Microsoft’s secrets to break into production environments and install backdoors for customers.”

Adam Meyers from Crowdstrike also shares this opinion. “It seems like this is a very targeted thing. “If the hackers are so deep into Microsoft’s internal environment and Microsoft is unable to get them out within two months, then there is a big concern,” he told Reuters.

“We should all be outraged that something like this continues to happen. “These incidents are not unrelated and Microsoft’s shady security practices and misleading statements intentionally obscure the whole truth,” Tenable’s Amin Yoran finally criticized Microsoft via the British newspaper “The Independent”.