Hello, Guest!

Cybersecurity

CISA Issues Emergency Directive Following Microsoft Breach

Cyberthreat response

CISA Issues Emergency Directive Following Microsoft Breach

The Cybersecurity and Infrastructure Security Agency has issued an emergency directive to address a Russian hacking campaign that targeted federal civilian agencies’ email communication with Microsoft.

The directive requires agencies to reset compromised credentials by April 30 and identify affected email correspondence by the same deadline. Affected agencies are also instructed to report their response activities to CISA by May 1, CyberScoop reported.

While no agency compromises have been publicly reported after the credential exposure, CISA is working closely with the FBI to investigate the incident, which was attributed to Russian intelligence-linked group Midnight Blizzard, also known as Cozy Bear or APT29.

Eric Goldstein, CISA’s executive assistant director for cybersecurity, acknowledged the security risks associated with sharing authentication credentials via email and shared that Microsoft has an “ongoing” analysis to identify affected credentials.

Meanwhile, CISA Director Jen Easterly, a 2024 Wash100 awardee, emphasized the urgent need for action to safeguard federal systems, highlighting longstanding Russian cyberthreats. She stressed the importance of collaboration between government agencies and the private sector for enhanced cyberthreat mitigation.

While the directive only applies to federal agencies, the private sector is expected to follow CISA’s recommendations to improve its cybersecurity posture.

Potomac Officers Club Logo
Become a Potomac Officer Club Insider
Sign up for our weekly email & get exclusive event, and speaker updates, and find networking opportunities to connect with GovCon decision makers.

Category: Cybersecurity