U.S. cybersecurity agency warns Russian state-backed hackers targeted Microsoft emails containing federal correspondence

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) publicly issued Emergency Directive 24-02, citing the Russian state-sponsored cyber actor Midnight Blizzard

Published - April 12, 2024 02:32 pm IST

Emergency Directive 24-02 was issued on April 2, and it requires agencies to analyse emails that may have been impacted [File]

Emergency Directive 24-02 was issued on April 2, and it requires agencies to analyse emails that may have been impacted [File] | Photo Credit: REUTERS

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an emergency directive on Thursday as it warned that the Russian state-sponsored cyber actor Midnight Blizzard was targeting Microsoft corporate email accounts, and potentially trying to access correspondence with Federal Civilian Executive Branch (FCEB) agencies.

“Midnight Blizzard is using information initially exfiltrated from Microsoft corporate email systems, including authentication details shared between Microsoft customers and Microsoft by email, to gain, or attempt to gain, additional access to certain Microsoft customer systems,” said CISA’s post, adding that they have notified affected federal agencies.

Emergency Directive 24-02 was issued on April 2, and it requires agencies to analyse emails that may have been impacted, as well as reset the compromised credentials while also stepping up the security for privileged Microsoft Azure accounts.

(For top technology news of the day, subscribe to our tech newsletter Today’s Cache)

CISA is especially concerned about the impact of the breach on Federal Civilian Executive Branch (FCEB) agencies, but warned that all other organisations should stay in touch with Microsoft and follow security practices such as setting up strong passwords, using multifactor authentication (MFA), and sending information only through secure channels.

Both Russian and Chinese hackers have in the past tried to exploit Microsoft’s professional offerings such as its corporate email service and Teams video collaboration platform, in order to access high-level information sent between U.S. government entities.

0 / 0
Sign in to unlock member-only benefits!
  • Access 10 free stories every month
  • Save stories to read later
  • Access to comment on every story
  • Sign-up/manage your newsletter subscriptions with a single click
  • Get notified by email for early access to discounts & offers on our products
Sign in

Comments

Comments have to be in English, and in full sentences. They cannot be abusive or personal. Please abide by our community guidelines for posting your comments.

We have migrated to a new commenting platform. If you are already a registered user of The Hindu and logged in, you may continue to engage with our articles. If you do not have an account please register and login to post comments. Users can access their older comments by logging into their accounts on Vuukle.