Two British Men Arrested for Attempted Cyber Intrusion into Microsoft’s Networks
British law enforcement has arrested two individuals in connection with a conspiracy to breach the computer networks of Microsoft, the global tech powerhouse based in the United States. The arrests were made on June 22, 2017, by detectives from the South East Regional Organised Crime Unit (SEROCU). The suspects are a 22-year-old from Sleaford and a 25-year-old from Bracknell, both apprehended at their residences in Lincolnshire and Bracknell, where various electronic devices were confiscated during searches.
While the specific systems targeted during the attempted intrusion remain unspecified, SEROCU has indicated that the suspects are believed to be affiliated with a larger, international cybercrime operation. This group is suspected of infiltrating Microsoft’s networks between January and March of 2017 with the intention of extracting sensitive customer data. SEROCU Sergeant Rob Bryant emphasized the global reach of this organization and confirmed that the investigation is being coordinated with various international law enforcement agencies.
The investigation is still in its preliminary stages, and authorities are collaborating with Microsoft to ascertain the extent of any potential data access. Notably, Bryant stated that preliminary discussions with Microsoft suggest that customer data has not been compromised.
Both suspects have been charged under the UK’s Computer Misuse Act for conspiracy to gain unauthorized access to protected computer systems. Their identities have yet to be publicly disclosed, as investigations continue to uncover the full scale of the planned breach.
Responding to the arrests, Tom Burt, Microsoft’s Vice President and Deputy General Counsel for the Digital Crimes Unit, expressed satisfaction with the actions taken by UK authorities. Burt underscored the importance of identifying and prosecuting cybercriminals for enhancing overall internet security, stating that no customer data was accessed and affirming the robustness of Microsoft’s security measures.
This case has serious implications for cybersecurity, exemplifying the ongoing threats to corporate digital infrastructure. The activity potentially involved in this attempted breach aligns with several tactics outlined in the MITRE ATT&CK framework, including initial access, persistence, and privilege escalation. Such tactics may include exploiting vulnerabilities to gain unauthorized access and maintaining that access for future exploitation.
SEROCU is working alongside Europol, the National Crime Agency’s National Cyber Crime Unit, the FBI, and other cybersecurity teams, focusing on investigating the intrusions and ensuring accountability for those involved. As the investigation unfolds, it serves as a reminder for businesses to remain vigilant in their cybersecurity practices and to understand the evolving landscape of cyber threats.