The Cybersecurity and Infrastructure Security Agency (CISA) on Thursday confirmed previous reports that Russian-linked hackers had intercepted communications between federal agencies and Microsoft.
The agency issued an emergency directive on Thursday that requires government agencies affected by the breach to “identify the full content of agency communications related to compromised Microsoft accounts and conduct a cybersecurity impact analysis.” It directed the government to take measures including “to take steps to CISA described those behind the breach as a “Russian state-sponsored cyberattacker known as Midnight Blizzard.”
“For years, the U.S. government has documented malicious cyber activity as a standard part of Russia’s strategy. This latest Microsoft breach adds to their long list. We continue to work with our government and private sector partners to protect and defend our systems from this threat activity,” CISA Director Jen Easterly said in a CISA press release.
Microsoft announced in March that Midnight Blizzard had attempted to infiltrate its systems by “obtaining or attempting to obtain unauthorized access using information originally leaked from our corporate email systems.” Microsoft said in January that it had “detected a nation-state attack” on its corporate systems by Midnight Blizzard, and that the hacker had accessed a “small portion” of corporate email accounts.
“It's clear that Midnight Blizzard is looking to capitalize on the different types of secrets it has discovered,” Microsoft said in a March blog post.
These “confidentials” include those shared between Microsoft and customers via email, and the company said it would provide information and assist with mitigation efforts.
Microsoft also said Midnight Blizzard caused the volume of certain types of attacks, such as password spraying, to increase by up to 10x in February. Password spraying is a type of cyberattack that is characterized by repeated attempts to compromise a password on different accounts.
The Hill reached out to Microsoft.
Copyright 2024 Nexstar Media Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed.
