Skip to main content

Home  »  Business NewsUS business news   »   US Agencies At Risk After Russian Hackers Attack Microsoft

US Agencies At Risk After Russian Hackers Attack Microsoft

Microsoft sign

The US government has confirmed that Russian government hackers have hit Microsoft corporate emails, exposing several federal agencies to potential security threats. 

The Cybersecurity and Infrastructure Security Agency (CISA), part of the Department of Homeland Security, issued a binding directive on Tuesday, April 9.

It was found the hackers had accessed passwords and other sensitive materials that could enable them to infiltrate various US government bodies. 

CISA described the breach as posing a "grave and unacceptable risk" and has required a thorough examination of the stolen emails.

It has also carried out a reset of compromised credentials, and added additional security measures for privileged accounts in Microsoft Azure.

The US government uses Microsoft’s Windows operating system and Outlook email services.

It gives the company significant cybersecurity responsibilities for federal employees and their work.

However, this breach has strained the long-standing relationship between Microsoft and the government.

Hackers are called Midnight Blizzard

The tech giant initially disclosed the breach in January. 

The potential scope includes government agencies, major corporate clients, and resellers of Microsoft products. 

The group responsible is called Midnight Blizzard and known in security circles as Cozy Bear or APT29.

It is linked to the Russian military intelligence agency SVR. 

This group is notorious for its sophisticated cyber operations.

These include the SolarWinds attack in 2020 and the DNC hack during the 2016 presidential campaign.

Need Career Advice? Get employment skills advice at all levels of your career

CISA has not specified the number of agencies impacted nor detailed the full extent of the potential threats to national security. 

Eric Goldstein, executive assistant director for cybersecurity, said: "The potential for exposure of federal authentication credentials to the Midnight Blizzard actor does pose an exigent risk to the federal enterprise, hence the need for this directive and the actions therein.”

This incident adds to a series of severe security breaches at Microsoft, which have prompted broader concerns and led to calls for significant changes within the company. 

Last week, a major federal review triggered by another breach involving Chinese hackers demanded a comprehensive overhaul of Microsoft’s security practices to prevent similar incidents in the future.

Follow us on YouTubeXLinkedIn, and Facebook


Most Read News