Big-Name Targets Push Midnight Blizzard Hacking Spree Back Into the Limelight

Microsoft and Hewlett-Packard Enterprise (HPE) both recently disclosed that they suffered corporate email breaches at the hands of Russia's "Midnight Blizzard" hackers. The group, which is tied to the Kremlin's SVR foreign intelligence, is specifically linked to SVR's APT 29 Cozy Bear, the gang that meddled in the United States 2016 presidential election, has conducted aggressive government and corporate espionage around the world for years, and was behind the infamous 2021 SolarWinds supply chain attack. While both HP and Microsoft's breaches came to light within days of each other, the situation mainly illustrates the ongoing reality of Midnight Blizzard's international espionage activities and the lengths it will go to to find weaknesses in organizations' digital defenses. "We shouldn't be surprised that Russian intelligence-backed threat actors, and SVR in particular, are targeting tech companies like Microsoft and HPE. With organizations that size, it would be a much bigger surprise to learn they weren't," says Jake Williams, a former US National Security Agency hacker and current faculty member at the Institute for Applied Network Security.