Russian hackers were able to steal US government emails after attacking Microsoft
CISA issues emergency directive as emails compromised
Russian hackers have taken advantage of a cyber attack on Microsoft to steal emails from the accounts of officials working in several US federal agencies.
The US Cybersecurity and Infrastructure Security Agency (CISA) revealed in a statement that the breach is a result of the threat actor tracked by Microsoft as ‘MidnightBlizzard’ and known more widely as APT29, which has strong links to the Russian Foreign Intelligence Service.
CISA said that the hackers gained access “through a successful compromise of Microsoft corporate email accounts.”
Perfect espionage opportunity
“Midnight Blizzard’s successful compromise of Microsoft corporate email accounts and the exfiltration of correspondence between agencies and Microsoft presents a grave and unacceptable risk to agencies,” CISA said in the statement, but did not disclose the agencies affected or the breadth of the damage.
An emergency directive was issued by the agency stating that email accounts belonging to civilian government agencies needed to be secured as a result of the attack on Microsoft, upon which many government agencies rely for email communications.
Microsoft first revealed that it was under attack in January 2024, stating that Russian hackers had managed to gain access to corporate email accounts in the cybersecurity and legal departments. The tech giant later confirmed that the breach was not confined, and that corporate accounts belonging to organizations outside of Microsoft were also affected.
Since then, Microsoft has been working to remove all access from the MidnightBlizzard group in what the company has described as an “ongoing attack,” stating that the threat actors “may be using the information it has obtained to accumulate a picture of areas to attack and enhance its ability to do so.”
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
More from TechRadar Pro
- Here is our guide to the best firewalls
- International Monetary Fund warns cyberattacks could trigger bank runs
- Are you in the market for the best endpoint protection software?
Benedict has been writing about security issues for close to 5 years, at first covering geopolitics and international relations while at the University of Buckingham. During this time he studied BA Politics with Journalism, for which he received a second-class honours (upper division). Benedict then continued his studies at a postgraduate level and achieved a distinction in MA Security, Intelligence and Diplomacy. Benedict transitioned his security interests towards cybersecurity upon joining TechRadar Pro as a Staff Writer, focusing on state-sponsored threat actors, malware, social engineering, and national security. Benedict is also an expert on B2B security products, including firewalls, antivirus, endpoint security, and password management.