The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a statement after a Russian hacker group known as Midnight Blizzard compromised numerous Microsoft corporate email accounts, saying that “e-mail communications were stolen.”
“The attackers used information initially leaked from the corporate email system, including authentication details shared in emails between Microsoft customers and Microsoft, to gain, or to try to gain, additional access to Microsoft customer systems.”
“Midnight Blizzard's successful compromise of Microsoft corporate email accounts and the exfiltration of communications between government agencies and Microsoft poses a significant and unacceptable risk to government agencies,” the Thursday, April 11, CISA emergency directive states.
The announcement comes as the Kyiv Post reported that a Moscow-backed hacker group had “stolen some emails and attachments” since November 2023 and “randomly compromised the company's source code repository and internal systems.” This follows Microsoft's report in January that the company had accessed the
CISA has not disclosed the extent of the damage or the nature of the information that Midnight Blizzard was able to successfully breach, but both CISA and Microsoft have notified affected government agencies, and CISA is currently working with each government agency. CISA said it is asking the government to review and strengthen its security measures.
“This emergency directive requires government agencies to analyze the content of leaked emails, reset compromised credentials, and take additional steps to secure authentication tools for privileged Microsoft Azure accounts,” CISA states.
According to Microsoft's cybersecurity report on Ukraine for June 2022, Microsoft previously identified the group as the Russian state-backed group Midnight Blizzard, also known as Nobelium and Cozy Bear, which is associated with the Russian Foreign Intelligence Service (SVR).
The company's January announcement said the group “initially targeted email accounts to obtain information related to Midnight Blizzard itself.”
The group is believed to be using password spray attacks, a form of brute-force attack that tries the same commonly used password against multiple accounts.
Midnight Blizzard was also the group behind the 2020 SolarWinds hack that compromised multiple U.S. federal agencies.