
What You Need To Know About Microsoft's Latest Cyberattack

Microsoft has released a statement regarding a cyberattack against the tech giant, one orchestrated by a group familiar to the gaming industry. In its statement, Microsoft said that the group, which is known for extortion, had compromised a single account at Microsoft. As reported by VGC, the group, known as Lapsus$ (and referred to as DEV-0537 by Microsoft), has recently taken credit for cyberattacks against Nvidia and Samsung. The Nvidia attack resulted in the company's DLSS source code being stolen, while the Samsung attack resulted in key algorithms being stolen.

In Microsoft's lengthy statement, the company outlined not only what was compromised, but how it happened, how it can be better prepared for the future, and what it believes are the goals of the hacker group Lapsus$. Microsoft stated that the group aims to gain high-level access to a company via stolen or purchased credentials so it can steal valuable information and extort the company for money. Microsoft went on to state that only one account with limited access had been compromised, meaning user data and information had not been stolen. This means the average consumer or somebody with a Microsoft account of any kind, like an Xbox account, has nothing to worry about for the moment. Based on its findings, Microsoft believes the hacker group is more interested in targeting the companies themselves and not any customer or user data.

How Microsoft believes other companies can prepare

Microsoft went on to provide insight to other corporations on how to protect themselves from this type of attack. Microsoft included a WhatsApp post in the statement, which appears to show Lapsus$ offering money to employees of Microsoft, Apple, EA, and other tech giants in exchange for access to the company's VPN or servers. The post specifically stated that the group isn't looking for data, but access.

Microsoft advised companies to use two-factor authentication for employee sign-in, but specifically recommended using a token-based system, since the hacker group used a SIM-card spoof to bypass a phone-number-based system. "Multifactor authentication (MFA) is one of the primary lines of defense against DEV-0537. While this group attempts to identify gaps in MFA, it remains a critical pillar in identity security for employees, vendors, and other personnel alike," Microsoft explained in the statement.

Video game companies deal with cyberattacks on a regular basis, with Ubisoft having accounts compromised earlier in 2022 and Capcom suffering a massive attack in 2020. Microsoft and Xbox Game Studios are currently developing multiple games, including the "Perfect Dark" reboot.