Microsoft Had an Internal Database Hacked

Microsoft Had an Internal Database Hacked

Hacked sign

Comments

Microsoft's internal database that it uses to trace bugs in its software was reportedly hacked in 2013.

A highly sophisticated hacking group was behind the alleged breach, reported by Reuters, which is the second known breach of this type of involving a corporate database. Reuters reported that the hacking group was known as one of the following:

Morpho
Butterfly
Wild Neutron

Security researchers say it is a proficient and mysterious group that works under many names and that they cannot determine if it is supported by a state government.

Five former employees explained their concerns regarding the hack in separate interviews, though Microsoft failed to disclose the depth of the attack in 2013.

The database involved contained details on critical and unfixed vulnerabilities found in not just the Windows operating system but additionally some of the worlds most widely used software.

Microsoft discovered the breach in early 2013 right after a hacking group launched a series of attacks against high profile tech companies including Apple, Twitter and Facebook.

The gang exploited a flaw in the Java programming language to access employees Apple computers, before getting into the company's network,.

Microsoft released a brief statement following the attack on 22 February 2013 that said: "As reported by Facebook and Apple, Microsoft can confirm that we also recently experienced a similar security intrusion.

"We found a small number of computers, including some in our Mac business unit, that were infected by malicious software using techniques similar to those documented by other organizations. We have no evidence of customer data being affected, and our investigation is ongoing."

In an email responding to questions from Reuters, Microsoft said: "Our security teams actively monitor cyber threats to help us prioritize and take appropriate action to keep customers protected."

The five ex-employees said the company's officials became worried that once they realised that the database had been accessed, that there would be serious repercussions. As the database was inadequately protected as only a password was required to open it.

However, three of the sources said the stolen bugs may have been used in attacks following the breach.

"They absolutely discovered that bugs had been taken," one source said. "Whether or not those bugs were in use, I don't think they did a very thorough job of discovering."

Following the breach, Microsoft improved its security by separating the database from the corporate network and including two authentications to access the information.

Mozilla had a similar attack in 2015 when an attacker accessed a database which included information on 10 unpatched flaws. One of the flaws was then used to attack Firefox users, which Mozilla told the public at the time and told customers to take action.

Microsoft reportedly compared the timing of the database hack with attacks around that time in the wider world, to see if the hackers had used the database information for malicious intent. The sources asserted that even though the bugs in the database ended up being exploited in hacking attacks, the attackers could have found the data elsewhere.

 

national security agency hacked sign

The risks posed by the release of software vulnerabilities has been a question of broad public debate this year, after the National Security Agency stockpile of hacking tools was stolen, published then used in the destructive "WannaCry" attacks against U.K. hospitals and other facilities.


After WannaCry, Microsoft President Brad Smith compared the NSA's loss to the "the U.S. military having some of its Tomahawk missiles stolen," and cited "the harm to civilians which comes from hoarding these vulnerabilities."

What is a WannaCry Ransomeware Attack?

Updated 06/04/2023

Article Written By Restore Solutions : October 17th, 2018.