The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an emergency directive revealing that Russian government-backed hackers exploited Microsoft‘s email system to pilfer correspondence, as disclosed on Thursday.
Dated April 2, the directive warned of hackers using shared authentication details to infiltrate Microsoft’s customer systems, including unspecified government agencies.
This revelation follows Microsoft’s acknowledgment in March of ongoing struggles against the intruders, referred to as “Midnight Blizzard.”
A subsequent report from the U.S. Cyber Safety Review Board attributed a separate hack to China, deeming it preventable and criticizing Microsoft for cybersecurity lapses and lack of transparency.
CISA refrained from specifying the affected agencies, while Microsoft confirmed collaboration with customers to investigate and mitigate the breach.
The Russian Embassy in Washington, typically denying involvement in hacking campaigns, remained silent on the matter.
CISA also cautioned that the hackers might have targeted non-governmental groups as well. They encouraged affected organizations to contact Microsoft for further details and assistance in mitigating the breach.
Despite the lack of specific agency names, the breach underscores the persistent threat posed by state-sponsored cyberattacks.
Collaboration between government agencies, private sector entities, and cybersecurity experts is important to detect, respond to, and mitigate such threats effectively.
