Profilic Syrian hacksters strike again in attack on the Microsoft Office blog
The Syrian Electronic Army (SEA) has carried out another high-profile cyberattack, with Microsoft’s Office blog the latest victim.
The group provided evidence of its attack in a series of tweets showing pictures of both the old and new administration pages for the blog, which had recently undergone a redesign, as well as posting several articles entitled, “Hacked by the Syrian Electronic Army” and “Syrian Electronic Army Was Here’ onto the site, which were later removed.
The group had previously used Twitter to warn the company that more attacks may yet happen after some of Microsoft’s social media sites were compromised earlier in the year, saying “We didn’t finish our attack on @Microsoft yet, stay tuned for more.”
The latest attack is the third time this month that the SEA has managed to hijack Microsoft’s social media accounts, following attacks on Microsoft’s official blog and two Twitter accounts. The group also targeted the social media accounts of Microsoft-owned Skype, including its Facebook, Twitter and blog, and posting messages accusing the firm of spying and colluding with governments to share data on its customers.
The SEA tweets also implied that the attackers had hacked employee emails to gain login details for the blog, stating, “Dear @Microsoft, Changing the CMS will not help you if your employees are hacked and they don’t know about that. #SEA”. Microsoft had previously admitted that the SEA had managed to access a ‘small number’ of employee email accounts through a phishing attack, meaning that there could be further attacks to come.
Microsoft has confirmed the compromise in a statement to The Verge, with a spokesperson saying, “A targeted cyberattack temporarily affected the Microsoft Office blog. The account was quickly reset and we can confirm that no customer information was compromised.”
What do you know about Internet security? Find out with our quiz!