The US government says Midnight Blizzard’s compromise of Microsoft corporate email accounts “presents a grave and unacceptable risk to federal agencies.”
April 11, 2024 By Ryan Naraine
The US cybersecurity agency CISA on Thursday issued an emergency directive mandating that all federal agencies immediately hunt for signs of a known Russian APT that broke into Microsoft’s corporate network and pivoted to steal sensitive correspondence from US government agencies.
The directive comes less than three months after Redmond disclosed the embarrassing hack and confirmed the ‘Midnight Blizzard’ attackers also stole source code and may still be poking around its internal computer systems.
According to the CISA directive, federal agencies must immediately “analyze the content of exfiltrated emails, reset compromised credentials, and take additional steps to ensure authentication tools for privileged Microsoft Azure accounts are secure.”