CISA says hackers used Microsoft access to steal government emails

0
112
CISA says hackers used Microsoft access to steal government emails
CISA says hackers used Microsoft access to steal government emails

In an email, Microsoft stated that it was “working with our customers to help them investigate and mitigate. This includes working with CISA on an emergency directive to provide guidance to government agencies.”

An emergency directive issued on Thursday by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) revealed that Russian government-backed hackers had exploited their access to Microsoft’s email system to collect correspondence between officials and the software giant.

The agency issued a warning on April 2 in the directive, stating that hackers were attempting to access Microsoft’s customer systems, including those of an undisclosed number of government entities, by using email-shared authentication data.

The alert stating that government institutions are being targeted by stolen Microsoft emails comes after the business declared in March that it was still battling the hackers, dubbed “Midnight Blizzard.”

Following that revelation, which sent shockwaves through the cybersecurity community, the U.S. Cyber Safety Review Board released a report last week that found that a different hack, which was attributed to China, could have been avoided. The report blamed the company for cybersecurity failings and a willful lack of transparency.

CISA refused to identify the agencies that could have been impacted. In an email, Microsoft stated that it was “working with our customers to help them investigate and mitigate. This includes working with CISA on an emergency directive to provide guidance to government agencies.”

A message requesting comment was not immediately answered by the Russian Embassy in Washington, which has previously denied being responsible for cyber activities.

CISA issued a warning, suggesting the hackers may have also targeted non-governmental organizations.

“Other organizations may also have been impacted by the exfiltration of Microsoft corporate email,” CISA said, encouraging customers to contact Microsoft for further details.

Also readNurturing Responsible Online Behavior in Students by Building a Culture of Digital Citizenship

Do FollowCIO News LinkedIn Account | CIO News Facebook | CIO News Youtube | CIO News Twitter 

About us:

CIO News, a proprietary of Mercadeo, produces award-winning content and resources for IT leaders across any industry through print articles and recorded video interviews on topics in the technology sector such as Digital Transformation, Artificial Intelligence (AI), Machine Learning (ML), Cloud, Robotics, Cyber-security, Data, Analytics, SOC, SASE, among other technology topics.