Alleged Russian hackers stole email conversations between Microsoft and U.S. federal agencies
04/19/2024 // Richard Brown // Views

United States officials have confirmed that Russian hackers successfully gained access to and pilfered government emails exchanged between Microsoft and federal agencies.

Eric Goldstein, a senior official at the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA), informed reporters that Microsoft had alerted several federal agencies about the potential breach, indicating that the hackers may have obtained login credentials and passwords. (Related: Will hackers cripple America with a cyberattack? Expert says it might happen in 2024.)

Goldstein emphasized that there have been no reported compromises of agency production environments resulting from the credential exposure. Furthermore, a CISA official informed media outlets that there is no current evidence to suggest that the hackers managed to utilize stolen credentials to breach government computer systems.

In response to the security threat, CISA issued an "emergency directive" earlier in the week, advising civilian agencies potentially affected by the breach to enhance their security measures.

According to Microsoft, a Russian state-sponsored hacking group that previously stole sensitive data from Microsoft executives is now attempting to exploit that information to infiltrate the company's source code and other internal systems.

This revelation indicates that the hacking campaign, initially identified by Microsoft in January, had more extensive unauthorized access than initially believed.

Microsoft described the hackers' ongoing attack as marked by a sustained, significant commitment of resources, coordination, and focus, warning of the possibility of further unauthorized access.

Human knowledge is under attack! Governments and powerful corporations are using censorship to wipe out humanity's knowledge base about nutrition, herbs, self-reliance, natural immunity, food production, preparedness and much more. We are preserving human knowledge using AI technology while building the infrastructure of human freedom. Speak freely without censorship at the new decentralized, blockchain-power Brighteon.io. Explore our free, downloadable generative AI tools at Brighteon.AI. Support our efforts to build the infrastructure of human freedom by shopping at HealthRangerStore.com, featuring lab-tested, certified organic, non-GMO foods and nutritional solutions.

In February, the hackers intensified their efforts by increasing tenfold the volume of attempted password spray attacks, a technique aimed at breaching high-value accounts by trying multiple passwords on specific usernames.

Additionally, the group is reportedly attempting to exploit secrets shared between Microsoft and its customers through email. Microsoft clarified, however, that there is no evidence to suggest a compromise of its customer-facing systems hosted by the company.

Referred to as "Midnight Blizzard" by Microsoft, the suspected Russian hackers are also known as Cozy Bear and APT29 by industry experts. In February, the U.S., the United Kingdom and other Western allies issued warnings regarding this group, alleging that it has ties to and the backing of the Russian Foreign Intelligence Service.

These warnings highlighted the group's efforts to access cloud environments, targeting various sectors such as aviation, education, law enforcement, government financial departments and military organizations.

This group was previously implicated in the 2021 cyberattack on SolarWinds Corp., where malicious code inserted into a software update facilitated further access to customers. This attack affected approximately 100 companies and nine federal agencies.

Microsoft still battling to keep hackers out of its servers

Meanwhile, Microsoft disclosed last month that it continues to grapple with elite Russian government hackers who infiltrated the email accounts of senior company executives in November.

While the extent of the accessed source code and the capabilities gained by the hackers remain undisclosed, Microsoft revealed that the hackers stole cryptographic secrets, such as passwords, certificates, and authentication keys, from email communications between the company and its customers. The company is now actively reaching out to affected customers to assist in implementing mitigating measures.

Microsoft emphasized that the hackers' ongoing attack displays a sustained commitment of resources, potentially utilizing obtained data to identify vulnerable areas for future attacks. This persistence underscores the unprecedented global threat landscape, especially concerning sophisticated nation-state attacks.

The disclosure comes amidst increased scrutiny of Microsoft's security practices and transparency regarding vulnerabilities and breaches. Some cybersecurity experts express frustration over what they perceive as Microsoft's secrecy and misleading statements regarding security incidents.

Watch this clip showing how alleged Russian hackers were able to get over 30,000 electric vehicles in Lithuania to stop working.

This video is from the Cynthia's Pursuit of Truth channel on Brighteon.com.

More related stories:

Ukrainian intelligence claims Russian hackers are targeting Elon Musk’s Starlink network.

FOREIGN HACKERS target water infrastructure in Pennsylvania, prompting calls for increased cybersecurity.

Chinese hackers exploit Microsoft cloud bug to raid US government email accounts, including the Commerce Secretary’s.

Sources include:

JustTheNews.com

Bloomberg.com

APNews.com

Brighteon.com



Take Action:
Support Natural News by linking to this article from your website.
Permalink to this article:
Copy
Embed article link:
Copy
Reprinting this article:
Non-commercial use is permitted with credit to NaturalNews.com (including a clickable link).
Please contact us for more information.
Free Email Alerts
Get independent news alerts on natural cures, food lab tests, cannabis medicine, science, robotics, drones, privacy and more.
App Store
Android App
eTrust Pro Certified

This site is part of the Natural News Network © 2022 All Rights Reserved. Privacy | Terms All content posted on this site is commentary or opinion and is protected under Free Speech. Truth Publishing International, LTD. is not responsible for content written by contributing authors. The information on this site is provided for educational and entertainment purposes only. It is not intended as a substitute for professional advice of any kind. Truth Publishing assumes no responsibility for the use or misuse of this material. Your use of this website indicates your agreement to these terms and those published here. All trademarks, registered trademarks and servicemarks mentioned on this site are the property of their respective owners.

This site uses cookies
Natural News uses cookies to improve your experience on our site. By using this site, you agree to our privacy policy.
Learn More
Close
Get 100% real, uncensored news delivered straight to your inbox
You can unsubscribe at any time. Your email privacy is completely protected.