CyberScoop reports that U.S. federal agencies were reported to have received an emergency directive from the Cybersecurity and Infrastructure Security Agency regarding the impact of a Microsoft hack by Russian state-sponsored threat operation Midnight Blizzard, also known as APT29, Cozy Bear, and The Dukes, earlier this year.
Details of the emergency directive have not yet been disclosed to the public but a summary noted mitigations against Midnight Blizzard attacks.
"CISA continues to provide guidance to Federal Civilian Executive Branch agencies regarding actions to secure accounts potentially placed at risk through the Midnight Blizzard campaign disclosed by Microsoft in January 2024. We are working closely with Microsoft to understand the risks to federal agencies and the broader ecosystem in order to provide necessary guidance and information," said CISA spokesperson Scott McConnell.
Such a development comes days after Microsoft was chastised by the Cyber Safety Review Board for its severely lacking security culture and practices, which prompted the Chinese exfiltration of a signing key resulting in Exchange Online compromise.
