The US government's Cybersecurity and Infrastructure Security Agency (CISA) warns that Russian spies who gained access to Microsoft's email system were able to steal sensitive data, including authentication details. Immediate remedial action is required by affected agencies.
The US government's Cybersecurity and Infrastructure Security Agency warns that Russian spies who gained access to Microsoft 's email system were able to steal sensitive data , including authentication details and that immediate remedial action is required by affected agencies.
dated April 2 but only just disclosed, CISA warned that state-sponsored operatives had managed to exfiltrate email correspondence between Federal Civilian Executive Branch agencies and Microsoft itself following the breach of Redmond's internal systems The culprits, identified as Midnight Blizzard but also known as Cozy Bear, were able to glean information that was shared between customers and Microsoft by email, including authentication details. According to CISA, these are now being used to attempt to gain access to other systems, including those of Microsoft customers. In response, Emergency Directive ED 24-02 issued by CISA requires federal agencies to wade through and analyze the content of exfiltrated emails, reset any compromised credentials, and take additional steps to ensure authentication tools for privileged Microsoft Azure accounts are secure. CISA instructed agencies to report status across all required actions by April 8, plus provide a further status update by May 1. They additionally have to provide weekly updates on remediation actions until completion. It has provided the agencies with a reporting template and instructions for this purpose. Microsoft and CISA said they have already notified all federal agencies whose email correspondence with Microsoft was identified as exfiltrated by Midnight Blizzard. The software giant reportedly agreed to provide all affected agencies with metadata regarding exfiltrated emails that contain credentials, and will also supply CISA with metadata for all exfiltrated federal agency correspondence, upon the request of the National Cyber Investigative Joint Task Force, which is led by the FBI.Microsoft slammed for lax security that led to China's cyber-raid on Exchange OnlineMicrosoft also stated that Midnight Blizzard has increased the volume of its intrusion attempts, such as password spraying attacks, as much as tenfold during February, compared with an already considerable volume of attempts observed in January 2024. "Microsoft's lackadaisical security practices and negligent approach to disclosure have national security implications, and should alarm their commercial clients, which don't necessarily have the voice or get the attention that the US government might," commented Amit Yoran, chairman and CEO of cybersecurity biz Tenable. "Unfortunately it's not surprising to learn that Midnight Blizzard's intrusion campaign escalated after initially being discovered. Given Microsoft's consistent track record of partial disclosure, misleading statements and downplaying security incidents, it was only a matter of when the other shoe would drop," he added. We asked Microsoft for its reaction to this latest development, and will report back if we get an answer. In the meantime, CISA aims to provide a report by September 1 to the Secretary of Homeland Security and the Director of the Office of Management and Budget, identifying cross-agency status and outstanding issues. A copy will also go to the National Cyber Director, it said. ®20Microsoft thinks bundles are great and customers love them
US Government CISA Russian Spies Microsoft Email System Sensitive Data Authentication Details Remedial Action Breach Midnight Blizzard Cozy Bear Exfiltrate Customers Systems
United Kingdom Latest News, United Kingdom Headlines
Similar News:You can also read news stories similar to this one that we have collected from other news sources.
Spies Add Two More Towns to Targets for Russian BombersIntelligence sources have warned that two towns in the south of England have been added to the list of targets for long-range Russian bombers. The list, passed to a British intelligence officer by a Russian agent, includes details of military airfields and the number of aircraft allocated to the operation.
Read more »
UK spies probe fears of Vladimir Putin was behind Greggs IT glitch that shut stores...Greggs stores forced to close as technical issue halts payments
Read more »
British spies are battling hackers from China and Russia around the clock, intelligence agency boss reveals...Chinese hackers access 40 MILLION Brit voters’ personal details in shocking strike at heart of our democracy
Read more »
What to make of China’s massive cyber-espionage campaignAmerica and others offer rich details of what Chinese spies are up to
Read more »
Russian Honeytrap Plots Fail on French Spies Due to Casual Flings, Documentary RevealsA bombshell documentary uncovers that Russian honeytrap plots do not work on French spies due to their numerous casual flings. French spies reveal that Russians tried to force them to switch sides by threatening to expose their romances to their wives. The documentary also explores the Directorate-General for External Security (DGSE) and former French spy chief Bernard Emié's claims about France's awareness of Russia's invasion of Ukraine.
Read more »
Microsoft breach allowed Russian spies to steal emails from US governmentAffected federal agencies must comb through mails, reset API keys and passwords
Read more »