Popular Articles
Today Week Month Year


Alleged Russian hackers stole email conversations between Microsoft and U.S. federal agencies
By Richard Brown // Apr 19, 2024

United States officials have confirmed that Russian hackers successfully gained access to and pilfered government emails exchanged between Microsoft and federal agencies.

Eric Goldstein, a senior official at the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA), informed reporters that Microsoft had alerted several federal agencies about the potential breach, indicating that the hackers may have obtained login credentials and passwords. (Related: Will hackers cripple America with a cyberattack? Expert says it might happen in 2024.)

Goldstein emphasized that there have been no reported compromises of agency production environments resulting from the credential exposure. Furthermore, a CISA official informed media outlets that there is no current evidence to suggest that the hackers managed to utilize stolen credentials to breach government computer systems.

In response to the security threat, CISA issued an "emergency directive" earlier in the week, advising civilian agencies potentially affected by the breach to enhance their security measures.

According to Microsoft, a Russian state-sponsored hacking group that previously stole sensitive data from Microsoft executives is now attempting to exploit that information to infiltrate the company's source code and other internal systems.

This revelation indicates that the hacking campaign, initially identified by Microsoft in January, had more extensive unauthorized access than initially believed.

Microsoft described the hackers' ongoing attack as marked by a sustained, significant commitment of resources, coordination, and focus, warning of the possibility of further unauthorized access.

We are building the infrastructure of human freedom and empowering people to be informed, healthy and aware. Explore our decentralized, peer-to-peer, uncensorable Brighteon.io free speech platform here. Learn about our free, downloadable generative AI tools at Brighteon.AI. Every purchase at HealthRangerStore.com helps fund our efforts to build and share more tools for empowering humanity with knowledge and abundance.

In February, the hackers intensified their efforts by increasing tenfold the volume of attempted password spray attacks, a technique aimed at breaching high-value accounts by trying multiple passwords on specific usernames.

Additionally, the group is reportedly attempting to exploit secrets shared between Microsoft and its customers through email. Microsoft clarified, however, that there is no evidence to suggest a compromise of its customer-facing systems hosted by the company.

Referred to as "Midnight Blizzard" by Microsoft, the suspected Russian hackers are also known as Cozy Bear and APT29 by industry experts. In February, the U.S., the United Kingdom and other Western allies issued warnings regarding this group, alleging that it has ties to and the backing of the Russian Foreign Intelligence Service.

These warnings highlighted the group's efforts to access cloud environments, targeting various sectors such as aviation, education, law enforcement, government financial departments and military organizations.

This group was previously implicated in the 2021 cyberattack on SolarWinds Corp., where malicious code inserted into a software update facilitated further access to customers. This attack affected approximately 100 companies and nine federal agencies.

Microsoft still battling to keep hackers out of its servers

Meanwhile, Microsoft disclosed last month that it continues to grapple with elite Russian government hackers who infiltrated the email accounts of senior company executives in November.

While the extent of the accessed source code and the capabilities gained by the hackers remain undisclosed, Microsoft revealed that the hackers stole cryptographic secrets, such as passwords, certificates, and authentication keys, from email communications between the company and its customers. The company is now actively reaching out to affected customers to assist in implementing mitigating measures.

Microsoft emphasized that the hackers' ongoing attack displays a sustained commitment of resources, potentially utilizing obtained data to identify vulnerable areas for future attacks. This persistence underscores the unprecedented global threat landscape, especially concerning sophisticated nation-state attacks.

The disclosure comes amidst increased scrutiny of Microsoft's security practices and transparency regarding vulnerabilities and breaches. Some cybersecurity experts express frustration over what they perceive as Microsoft's secrecy and misleading statements regarding security incidents.

Watch this clip showing how alleged Russian hackers were able to get over 30,000 electric vehicles in Lithuania to stop working.

This video is from the Cynthia's Pursuit of Truth channel on Brighteon.com.

More related stories:

Ukrainian intelligence claims Russian hackers are targeting Elon Musk’s Starlink network.

FOREIGN HACKERS target water infrastructure in Pennsylvania, prompting calls for increased cybersecurity.

Chinese hackers exploit Microsoft cloud bug to raid US government email accounts, including the Commerce Secretary’s.

Sources include:

JustTheNews.com

Bloomberg.com

APNews.com

Brighteon.com



Take Action:
Support NewsTarget by linking to this article from your website.
Permalink to this article:
Copy
Embed article link:
Copy
Reprinting this article:
Non-commercial use is permitted with credit to NewsTarget.com (including a clickable link).
Please contact us for more information.
Free Email Alerts
Get independent news alerts on natural cures, food lab tests, cannabis medicine, science, robotics, drones, privacy and more.

NewsTarget.com © 2022 All Rights Reserved. All content posted on this site is commentary or opinion and is protected under Free Speech. NewsTarget.com is not responsible for content written by contributing authors. The information on this site is provided for educational and entertainment purposes only. It is not intended as a substitute for professional advice of any kind. NewsTarget.com assumes no responsibility for the use or misuse of this material. Your use of this website indicates your agreement to these terms and those published on this site. All trademarks, registered trademarks and servicemarks mentioned on this site are the property of their respective owners.

This site uses cookies
News Target uses cookies to improve your experience on our site. By using this site, you agree to our privacy policy.
Learn More
Close
Get 100% real, uncensored news delivered straight to your inbox
You can unsubscribe at any time. Your email privacy is completely protected.