From the Washington Post:
The U.S. government said Thursday that Russian government hackers who recently stole Microsoft emails have obtained passwords and other sensitive material that could allow them to break into multiple U.S. government agencies.
The Cybersecurity and Infrastructure Security Agency, a division of the Department of Homeland Security, on Tuesday issued an unusually binding directive ordering a number of undisclosed government agencies to change captured logins and investigate what else was at risk. The directive was made public Thursday after recipients began beefing up their defenses. “The successful compromise of Microsoft corporate email accounts and the exfiltration of communications between government agencies and Microsoft poses a significant and unacceptable risk to government agencies,” CISA said. “This emergency directive requires government agencies to take additional steps to analyze the content of leaked emails, reset compromised credentials, and secure authentication tools for privileged Microsoft Azure accounts. We require that you take the following steps.”
According to the article, “CISA officials told reporters it was not immediately clear whether the hackers associated with the Russian military intelligence agency SVR obtained anything from the raided agency.” And the article added that CISA “did not elaborate on the extent of the risks to national interests.”
But the agency's deputy director for cybersecurity told the newspaper that “the potential for compromise of federal credentials… poses an immediate risk to federal businesses, which is why this directive and its actions are necessary.”
Microsoft's Windows operating system, Outlook email, and other software are used throughout the U.S. government, giving the Redmond, Wash.-based company significant responsibility for the cybersecurity of federal employees and their jobs. But the long-standing relationship is increasingly showing signs of strain… [T]his breach is one of the few significant intrusions at the company that has exposed many other companies to potential hacking. In another incident, Chinese government hackers breached the security of Microsoft's cloud software products and stole emails from employees at the State and Commerce Departments, leading to major calls for the company to overhaul its corporate culture last week. A major federal review was conducted. The board said it had allowed “a cascade of avoidable errors”.