CISA Reveals Hackers Linked to Russia Tapped Into Govt. Talks With Microsoft

It’s been confirmed: Hackers who are linked to Russia were able to tap into correspondence that took place between Microsoft and U.S. federal agents.

That information was confirmed on Thursday by officials at the Cybersecurity and Infrastructure Security Agency.

The agency publicly issued an emergency directive this week, telling all the agencies that were affected by this breach that they should take immediate actions, including “steps to identify the full content of the agency correspondence with compromised Microsoft accounts and perform a cybersecurity impact analysis.”

CISA further said that the ones responsible for the breach are part of a state-sponsored cyber group in Russia called Midnight Blizzard.

In a press release sent out by CISA, Jen Easterly, the director of the agency, said:

“For several years, the U.S. government has documented malicious cyber activity as a standard part of the Russian playbook; this latest compromise of Microsoft adds to their long list.

“We will continue efforts in collaboration with our federal government and private sector partners to protect and defend our systems from such threat activity.”

In March, Microsoft announced that the Midnight Blizzard group was attempting to breach systems by “using information initially exfiltrated from our corporate email systems to gain, or attempt to gain, unauthorized access.”

That followed a notice sent out in January that Microsoft “detected a nation-state attack” on corporate systems it owns from that same group. In that attack, the hackers were able to gain access to only “a very small percentage” of Microsoft’s corporate email accounts, the company said.

In a follow-up blog post, Microsoft officials wrote:

“It is apparent that Midnight Blizzard is attempting to use secrets of different types it has found.”

Some of the “secrets” referred to here include ones that Microsoft has shared via email with customers. The tech company has already said it will inform its customers about the breach and assist them with any measures to mitigate damage.

Microsoft further said that the Russian hacking group increased the number of specific attack types — such as password sprays — by up to 10 times in February alone.

This type of cyberattack uses a repetitive password on multiple accounts to try to gain access to them.

Cyberattacks are nothing new to Russia, of course, but they’re becoming increasingly more worrisome for the American people and the American government.

Some of these more notorious hacking “gangs” are targeting high-level government systems to gain access to who knows what. If they were able to gain access to very sensitive information, there’s no telling what they might be able to do with it.

This has become even more pressing as the 2024 election draws nearer. There was obviously a lot of talk about Russia interfering with the 2016 election, and then again in 2020.

With a very important election cycle coming up in just a few months, it’s essential that the U.S. does everything possible to prevent Russia from influencing the outcome.