The United States Cybersecurity and Infrastructure Security Agency revealed in an emergency directive released on Thursday that Russian government-backed hackers exploited their access to Microsoft’s email system to pilfer correspondence between officials and the tech giant.
According to the directive issued on April 2, the agency cautioned that hackers utilized authentication credentials obtained from email systems to launch incursions into Microsoft’s customer networks, including those of unspecified government entities.
This warning of government agencies facing targeting through pilfered Microsoft emails comes on the heels of the tech company’s March announcement that it was grappling with ongoing breaches, dubbed “Midnight Blizzard.”
This disclosure, which sent shockwaves through the cybersecurity community, was followed just last week by a report from the U.S. Cyber Safety Review Board, attributing a separate hack to China and deeming it preventable. The report faulted Microsoft for cybersecurity oversights and a deliberate lack of transparency.
CISA refrained from identifying affected agencies, while Microsoft stated in an email that they were collaborating with customers to investigate and mitigate the situation, including working with CISA on an emergency directive to offer guidance to government entities.
The Russian Embassy in Washington, known for denying involvement in hacking activities, did not respond immediately to a request for comment.
CISA also cautioned that non-governmental organizations might have been targeted as well, urging affected parties to reach out to Microsoft for additional information.
