ECONOMY & WORK
MONEY 101
NEWS
PERSONAL FINANCE
NET WORTH
About Us Contact Us Privacy Policy Terms of Use DMCA Opt-out of personalized ads
© Copyright 2023 Market Realist. Market Realist is a registered trademark. All Rights Reserved. People may receive compensation for some links to products and services on this website. Offers may be subject to change without notice.
MARKETREALIST.COM / NEWS

Midnight Blizzard Targets US Government in Microsoft Hack

A Russian hacker group known as Midnight Blizzard infiltrated US government email correspondence
PUBLISHED APR 16, 2024
Cover Image Source: Getty Images | Photo by Bill Hinton
Cover Image Source: Getty Images | Photo by Bill Hinton

The US Cybersecurity and Infrastructure Security Agency (CISA) revealed that a Russian hacker group known as Midnight Blizzard infiltrated email correspondence between Federal Civilian Executive Branch (FCEB) agencies and Microsoft, following a successful breach of several Microsoft corporate email accounts. The agency’s announcement comes after Microsoft disclosed the hack in January.

Unsplash | Photo by Arget
Image Source: Unsplash | Photo by Arget

According to CISA, the threat actors accessed the information by exfiltrating corporate email data, including authentication details shared between Microsoft customers and the company via email. This allowed them to gain, or attempt to gain, further access to Microsoft customer systems.

In an emergency directive issued on Thursday, April 11, CISA described the compromise as a "grave and unacceptable risk" to the affected agencies and emphasized the urgency of addressing the situation.

Following Microsoft's report in January, which revealed that a Moscow-sponsored hacker group had stolen emails and attached documents and accessed some of the company's source code repositories and internal systems since November 2023, as reported by the Kyiv Post, the US Cybersecurity and Infrastructure Security Agency (CISA) made an announcement.

However, CISA did not specify the extent of the damage or the type of information Midnight Blizzard extracted, but it noted that both the agency and Microsoft had informed the impacted parties.

Microsoft Corporation booth signage is displayed at CES 2023 at the Las Vegas Convention Center | Getty | Photo by David Becker
Image Source: Microsoft Corporation booth signage | Getty | Photo by David Becker

"CISA's Emergency Directive requires agencies to examine the content of the compromised emails, reset compromised credentials, and take additional measures to secure authentication tools for privileged Microsoft Azure accounts," the agency stated.

Microsoft previously identified the group as Midnight Blizzard, a Russian state-sponsored actor known by other names such as Nobelium and Cozy Bear, and linked to Russia’s Foreign Intelligence Service (SVR), according to a June 2022 Microsoft cybersecurity report on Ukraine.

In January, Microsoft stated that the group initially targeted email accounts for information related to Midnight Blizzard. The hacker group is believed to have employed password-spraying attacks, using commonly used passwords across multiple accounts in brute-force attempts. Midnight Blizzard was also responsible for the high-profile 2020 SolarWinds hack, which compromised several US federal agencies.

Pexels | Photo by Tima Miroshnichenko
Image Source: Pexels | Photo by Tima Miroshnichenko

The U.S. Department of State is looking into claims of a cyber incident following the leak of documents reportedly stolen from a government contractor. The company, Acuity, alleged to have been breached, is a technology consulting firm with nearly 400 employees and annual revenue exceeding $100 million.

It offers services such as DevSecOps, IT operations and modernization, cybersecurity, data analytics, and operations support to federal civilian national security clients. "The Department is aware of reports of a cyber incident and is currently investigating," a State Department spokesperson told BleepingComputer.

"The Department is committed to protecting its information and continually works to enhance its cybersecurity measures. For security reasons, we cannot share specific details regarding the nature and scope of the claim."

Cyber privacy losses are turning out to be equivalent to a loss in a ransomware attack. Image Source: Unsplash|Photo by FlyD
 Image Source: Unsplash | Photo by FlyD

The threat actor, known as IntelBroker, claims that the files contain classified information from the Five Eyes intelligence alliance. According to their assertions, the leaked data includes full names, emails, office numbers, personal cell numbers, and email addresses of government, military, and Pentagon employees.

"This data was acquired by breaching Acuity Inc, a company that works closely with the US government and its allies." Since December, IntelBroker has been releasing data it claims to have stolen from various government agencies, including ICE, USCIS, the Department of Defense, and the U.S. Army.

MORE ON MARKET REALIST
While all the Sharks were out, Mark Cuban saw the potential in "Garage Celebrations."
13 hours ago
The loss was ironic as the retired teacher coulnd't get a phrase commonly used in classrooms.
15 hours ago
The recalls were issued for a range of products including tires, air conditioners and power banks.
16 hours ago
The guest who got the item as a gift from a neighbor had little to no idea about its significance.
18 hours ago
Harrison got a good deal for the fossil although it wasn't what he had thought.
1 day ago
The player, Beth Barbee left everyone in the dust with her impressive puzzle solving skills.
1 day ago
Given her celebrity status, Harrison cut her some slack in the negotiations.
1 day ago
The deal ultimately fell apart as the seller, Scotty was looking to get $375,000.
2 days ago
The guest was blown away by the six-figure appraisal for his father's John Falter illustration.
2 days ago
Harvey just couldn't believe that the contestant could come up with an answer like that.
3 days ago
Antoinette's win was even more special because she needed a car more than anything at that point.
3 days ago
The player, Catrice Sandt, nearly blew the Bonus Round puzzle by saying too many words in the end.
4 days ago
The co-founders of Nature's Wild Berry left the Sharks in shock with their miraculous product.
4 days ago
The contestant named Whitney could barely control her emotions as she celebrated with Ryan Seacrest.
4 days ago
The player named Kathy Young missed out on the Showcase Showdown as she had to leave.
5 days ago
Harrison closed a mega deal by scooping up three post cards for the price of one.
5 days ago
The guest who brought his father's prized possesion, had already made up his mind.
5 days ago
Harvey got a genius solution to avoid asking an awkward question to Carson Kressley's family member.
6 days ago
The player could barely control her excitement as she had a near-perfect game on the show.
6 days ago
Harrison knew it was too good of a collection to let go, and he decided to raise the stakes.
7 days ago