“Our cybersecurity response teams were quickly engaged in addressing the compromised account and preventing further activity,” Microsoft said in the post.
Addressing allegations by $Lapsus that the group stole Microsoft’s source code, the tech giant said Tuesday that Microsoft’s approach to risk management means that owning the code won’t benefit hackers even if they gain access to it.
“Microsoft does not rely on code secrecy as a security measure, and displaying source code does not increase risk,” Microsoft said.
Microsoft added that the $Lapsus techniques it used in the attack on the company’s systems were consistent with those that Microsoft noted the group was using against other targets.
In the past, Microsoft has said, Lapsus$ has sought to steal individual user credentials to gain access to an organization or corporate network. Then, the group will comb through office collaboration tools like SharePoint, Teams, and Slack to discover other users on the network whose accounts can be targeted to deepen the hack.
According to Microsoft, $Lapsus has been known to listen to conference calls from victims to discuss responding to the breach.
Microsoft described $Lapsus as having a sophisticated understanding of technological supply chains, the understanding of how to use the relationships of one organization or rely on another to its advantage. In addition to technology, communications and information technology support companies, Microsoft said, “$Lapsus targeting of government agencies, manufacturing, higher education, energy, retailers and healthcare was also noted.”