The Cybersecurity and Infrastructure Security Agency (CISA) has issued a new emergency directive aimed at U.S. federal agencies in response to the breach of multiple Microsoft corporate email accounts by the Russian APT29 hacking group.
The directive, known as Emergency Directive 24-02, was issued on April 2 to Federal Civilian Executive Branch (FCEB) agencies. It mandates these agencies to conduct investigations into potentially affected emails, reset any compromised credentials, and implement measures to secure privileged Microsoft Azure accounts.
According to CISA, operatives from the Russian Foreign Intelligence Service (SVR) are now utilizing information pilfered from Microsoft’s corporate email systems to gain unauthorized access to certain customer systems. CISA Director Jen Easterly emphasized the urgent need for action to mitigate risks to federal systems, highlighting the longstanding pattern of malicious cyber activity associated with Russia.
Microsoft, in conjunction with the U.S. cybersecurity agency, has notified all federal agencies whose email correspondence with Microsoft was identified as exfiltrated by the Russian hackers.
This emergency directive marks the first official confirmation by the U.S. government that federal agency emails were compromised in the January Microsoft Exchange breaches. Affected agencies are instructed t
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: