In an interview with CNBC’s Jim Cramer on Monday, CrowdStrike CEO George Kurtz delved into the recent high-profile security breach at Microsoft, orchestrated by a Russian intelligence group. Kurtz highlighted the challenges posed by these adversaries, emphasizing their determined “low and slow” approach to hacking.
Microsoft officially disclosed on Friday that the Russian intelligence group known as Nobelium, and alternatively as Midnight Blizzard and Cozy Bear, executed the attack. The breach resulted in unauthorized access to email accounts belonging to some of Microsoft’s top executives. Nobelium, believed to be linked to the Russian foreign intelligence service SVR, has a history of attempting to breach the systems of U.S. allies and the Department of Defense. Notably, the group was also responsible for the SolarWinds cyberattack, one of the largest in U.S. history, which included a breach of Microsoft’s technology.
Addressing the nature of the adversary, Kurtz described Nobelium’s tactics as “low and slow,” operating with a level of patience that makes them particularly challenging to combat. He noted the extended timeframe of their campaigns over the years, highlighting the persistent and methodical nature of their operations.
Comparing Nobelium to other foreign adversaries, Kurtz characterized hackers from China or even other Russian groups as “smash and grabs,” emphasizing the contrast in tactics. He underscored the difficulty in detecting Nobelium’s activities due to their patient and prolonged approach.
Kurtz shared insights into CrowdStrike’s methods, explaining that the company uses advanced algorithms to identify these adversaries by stringing together “low signals.” He emphasized that while security is a complex issue, no single company can solve it entirely. CrowdStrike, however, has been successful in stopping Nobelium in the past. Kurtz mentioned that some of Microsoft’s customers seek additional support from CrowdStrike to enhance their security measures.
In closing, Kurtz reiterated the complexity of cybersecurity and emphasized CrowdStrike’s role in addressing and mitigating threats, particularly in safeguarding against breaches and vulnerabilities similar to those experienced by Microsoft.