U.S. Cybersecurity and Infrastructure Security Agency (CISA) has confirmed that Russian government-backed hackers stole emails from several U.S. federal agencies as a result of an ongoing cyberattack at Microsoft.

In a statement published Thursday, the U.S. cyber agency said the cyberattack, which Microsoft initially disclosed in January, allowed the hackers to steal federal government emails “through a successful compromise of Microsoft corporate email accounts.”

The hackers, which Microsoft calls “Midnight Blizzard,” also known as APT29, are widely believed to work for Russia’s Foreign Intelligence Service, or SVR.

  • @deranger
    link
    47 months ago

    Really? Why aren’t they using mail.mil? Does Google have CAC login?

    • circuscritic
      link
      fedilink
      17 months ago

      Don’t know, you should ask [email protected]

      Jokes aside, any company providing services to the government is going to have met the original RFP requirements.

      Also, they’ll probably have separate infrastructure for military contracts, which I assume was also a requirement of any bid - but that’s just a guess. Someone else can correct me if I’m wrong.

      • @credo
        link
        3
        edit-2
        7 months ago

        It’s called FEDRAMP. Yes, for DoD separate infrastructure is required, but that is not true of all Government agencies. E.g., would BLM really need separate secure infrastructure from the commercial sector? Probably not worth the expense and effort.