Russian hackers steal US government emails with Microsoft, officials confirm
US officials confirmed that Russian hackers backed by the Russian government have stolen emails between US government agencies, and Microsoft through a breach in Microsoft’s system.
Microsoft notified “several agencies” in the US that hackers could have stolen emails Microsoft sent that contained login information, such as usernames or passwords. Eric Goldstein is a senior official with the US Cybersecurity and Infrastructure Security Agency.
Goldstein stated that “at this time we are not aware” of any agency production environment which has been compromised as a result a credential leak. A CISA official said to CNN that there was no proof that hackers were able to use the stolen credentials in order successfully hack into active federal computer systems.
The breach of Microsoft’s emails still forces the tech giant, as well as US cyber officials, to scramble in order to prevent further damage from the alleged Russian agents.
CISA released a “direction of emergency” on Thursday, ordering civilian agencies that could be affected by the hacking to strengthen their defenses. CISA called the risk of exposing agency login credentials “unacceptable” for agencies.
CNN has asked the Russian Embassy to Washington DC for a comment.
The hackers are a notorious cyber-espionage team that US officials previously linked to Russia’s Foreign Intelligence Service.
Microsoft revealed the hacking incident in January, but it has become more serious with each new detail. Microsoft announced in March that hackers had accessed Microsoft’s core systems software and used that information to launch attacks against Microsoft customers.
Hewlett Packard Enterprise announced that the same hackers breached their cloud-based email system a few days after Microsoft revealed the breach. Experts say that the full scope and purpose of this hacking activity are not clear. However, the group behind it has been involved in a number of intelligence gathering campaigns for the Kremlin.
In 2020, it was revealed that the same Russian group had been behind a breach of email systems at several US agencies using software from US contractor SolarWinds. Before the spying operation could be discovered, the hackers had been able to access the email accounts of the Departments of Homeland Security and Justice as well as other agencies for several months.
Russia denies involvement in the activity.
Microsoft’s spokesperson told CNN in a Thursday statement that “as we mentioned in our blog on March 8, as we uncover secrets in our exfiltrated emails, we work with our customers to investigate and mitigate”, a Microsoft representative said. This includes working with CISA to develop an emergency directive that will provide guidance to government organizations.
Microsoft is the target of a new foreign hacking attack targeting US government agencies.
Microsoft made a “cascade of avoidable errors” which allowed Chinese hackers last year to hack into the network of the tech giant and then the email accounts senior US officials, including the secretary for commerce. The review, backed by the US government, was released this month.
No Comments