Federal government affected by Russian breach of Microsoft | CyberScoop<\/title> <link rel=\"canonical\" href=\"https:\/\/cyberscoop.com\/federal-government-russian-breach-microsoft\/\"> <meta property=\"og:locale\" content=\"en_US\"> <meta property=\"og:type\" content=\"article\"> <meta property=\"og:title\" content=\"Federal government affected by Russian breach of Microsoft\"> <meta property=\"og:description\" content=\"U.S. cybersecurity officials issued an emergency directive this week to address a breach by Russian operatives of Microsoft first disclosed in January.\"> <meta property=\"og:url\" content=\"https:\/\/cyberscoop.com\/federal-government-russian-breach-microsoft\/\"> <meta property=\"og:site_name\" content=\"CyberScoop\"> <meta property=\"article:published_time\" content=\"2024-04-04T20:07:19+00:00\"> <meta property=\"article:modified_time\" content=\"2024-04-04T20:10:16+00:00\"> <meta property=\"og:image\" content=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/federal-government-affected-by-russian-breach-of-microsoft-3.jpg\"> <meta property=\"og:image:width\" content=\"1024\"> <meta property=\"og:image:height\" content=\"683\"> <meta property=\"og:image:type\" content=\"image\/jpeg\"> <meta name=\"author\" content=\"mbracken\"> <meta name=\"twitter:card\" content=\"summary_large_image\">  <link rel=\"dns-prefetch\" href=\"\/\/securepubads.g.doubleclick.net\">\n<link rel=\"dns-prefetch\" href=\"\/\/use.typekit.net\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Feed\" href=\"https:\/\/cyberscoop.com\/feed\/\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Comments Feed\" href=\"https:\/\/cyberscoop.com\/comments\/feed\/\"> <link rel=\"stylesheet\" id=\"all-css-2\" href=\"https:\/\/cyberscoop.com\/wp-includes\/css\/dist\/block-library\/style.min.css?m=1712084567g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-6\" href=\"https:\/\/cyberscoop.com\/wp-content\/mu-plugins\/search\/elasticpress-next\/dist\/css\/related-posts-block-styles.min.css?m=1710965597g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-8\" href=\"https:\/\/cyberscoop.com\/wp-content\/themes\/scoopnewsgroup\/dist\/css\/frontend.css?m=1711866546g\" type=\"text\/css\" media=\"all\">\n<link rel=\"stylesheet\" id=\"typekit-css\" href=\"https:\/\/use.typekit.net\/itk2qbh.css?ver=74528d75ce0daeb8628a\" media=\"all\"> <link rel=\"https:\/\/api.w.org\/\" href=\"https:\/\/cyberscoop.com\/wp-json\/\"><link rel=\"alternate\" type=\"application\/json\" href=\"https:\/\/cyberscoop.com\/wp-json\/wp\/v2\/posts\/79997\"><link rel=\"EditURI\" type=\"application\/rsd+xml\" title=\"RSD\" href=\"https:\/\/cyberscoop.com\/xmlrpc.php?rsd\">\n<meta name=\"generator\" content=\"WordPress 6.5\">\n<link rel=\"shortlink\" href=\"https:\/\/cyberscoop.com\/?p=79997\">\n<link rel=\"alternate\" type=\"application\/json+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Ffederal-government-russian-breach-microsoft%2F\">\n<link rel=\"alternate\" type=\"text\/xml+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Ffederal-government-russian-breach-microsoft%2F&format=xml\">   <link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=32\" sizes=\"32x32\">\n<link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=192\" sizes=\"192x192\">\n<link rel=\"apple-touch-icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=180\">\n<meta name=\"msapplication-TileImage\" content=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=270\"> <\/head><body class=\"post-template-default single single-post postid-79997 single-format-standard\" id=\"readabilityBody\"> <a href=\"https:\/\/cyberscoop.com\/federal-government-russian-breach-microsoft\/#main\" class=\"skip-to-content-link visually-hidden-focusable\">Skip to main content<\/a> <\/p>\n<div class=\"ad ad--top ad--top-desktop\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p> <main id=\"main\" role=\"main\" tabindex=\"-1\"> <\/p>\n<div class=\"ad ad--top ad--top-mobile\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<section id=\"stickybar\" class=\"stickybar stickybar--newsletter js-stickybar\" readability=\"0.82\"> <button class=\"stickybar__close js-stickybar-close\" aria-controls=\"stickybar\"> <svg class=\"icon icon--close\" width=\"21\" height=\"22\" viewBox=\"0 0 21 22\" fill=\"none\"><path d=\"m.822.518-.805.805L9.695 11 .017 20.678l.805.805 9.678-9.678 9.677 9.678.806-.805L11.305 11l9.678-9.677-.806-.805-9.677 9.677L.822.518Z\" fill=\"currentColor\" \/><\/svg> <span class=\"visually-hidden\">Close<\/span> <\/button> <\/section>\n<article class=\"single-article content\">\n<div class=\"single-article__container js-single-article-content\">\n<header class=\"single-article__header \" readability=\"23.1875\">\n<div class=\"single-article__header-content\" readability=\"28.430034129693\">\n<p> U.S. cybersecurity officials issued an emergency directive this week to address a breach by Russian operatives of Microsoft first disclosed in January. <\/p>\n<\/p><\/div>\n<div class=\"single-article__cover-wrap\">\n<figure class=\"single-article__cover\"> <img data-recalc-dims=\"1\" fetchpriority=\"high\" width=\"640\" height=\"427\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/federal-government-affected-by-russian-breach-of-microsoft.jpg?resize=640%2C427&ssl=1\" class=\"single-article__cover-image wp-post-image\" alt decoding=\"async\" fetchpriority=\"high\" srcset=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/federal-government-affected-by-russian-breach-of-microsoft-3.jpg 1024w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/federal-government-affected-by-russian-breach-of-microsoft-3.jpg?resize=300,200 300w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/federal-government-affected-by-russian-breach-of-microsoft-3.jpg?resize=768,512 768w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/federal-government-affected-by-russian-breach-of-microsoft-3.jpg?resize=600,400 600w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/federal-government-affected-by-russian-breach-of-microsoft-3.jpg?resize=252,168 252w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/federal-government-affected-by-russian-breach-of-microsoft-3.jpg?resize=505,337 505w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/federal-government-affected-by-russian-breach-of-microsoft-3.jpg?resize=1012,675 1012w\" sizes=\"(max-width: 1012px) 100vw, 1012px\"><figcaption> The Microsoft logo is seen at an Experience Center on Fifth Avenue on April 3, 2024, in New York City. (Photo by Michael M. Santiago\/Getty Images) <\/figcaption><\/figure>\n<\/p><\/div>\n<\/header>\n<div class=\"single-article__content\">\n<div class=\"single-article__content-inner has-drop-cap\"> <html readability=\"40.265055131467\"><body readability=\"82.751222765674\"><\/p>\n<p>The Cybersecurity and Infrastructure Security Agency issued an emergency directive this week to address the impact on federal agencies from a breach of Microsoft carried out by a hacking unit linked to Russia\u2019s foreign intelligence agency, according to three government officials familiar with the matter. <\/p>\n<p>In a briefing Tuesday, CISA executives discussed with federal officials an operation believed to have been carried out by the hacking group known as Midnight Blizzard and discussed the directive.<\/p>\n<p>\u201cCISA continues to provide guidance to Federal Civilian Executive Branch agencies regarding actions to secure accounts potentially placed at risk through the Midnight Blizzard campaign disclosed by Microsoft in January 2024,\u201d Scott McConnell, a spokesperson for the agency, told Scoop News Group<strong> <\/strong>on Wednesday. \u201cWe are working closely with Microsoft to understand the risks to federal agencies and the broader ecosystem in order to provide necessary guidance and information.\u201d<\/p>\n<p>The emergency directive, dated April 2, has been issued to federal agencies but has not yet been made public. Scoop News Group viewed a summary of the directive, which is focused on mitigating activity related to Midnight Blizzard.<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>The emergency directive is the latest indication of the growing impact of the Russian operation. When Microsoft first <a href=\"https:\/\/msrc.microsoft.com\/blog\/2024\/01\/microsoft-actions-following-attack-by-nation-state-actor-midnight-blizzard\/\">disclosed<\/a> the operation in January, the company said Russian operatives had succeeded in accessing emails belonging to senior company executives. In March, the <a href=\"https:\/\/msrc.microsoft.com\/blog\/2024\/03\/update-on-microsoft-actions-following-attack-by-nation-state-actor-midnight-blizzard\/\">company said<\/a> the breach was more severe than initially understood and that Russian operatives had also succeeded in accessing Microsoft source code. <\/p>\n<p>According to Microsoft\u2019s accounting of events, Midnight Blizzard is attempting to use \u201csecrets\u201d that \u201cwere shared between customers and Microsoft\u201d in email messages obtained by the hackers. \u201cAs we discover them in our exfiltrated email, we have been and are reaching out to these customers to assist them in taking mitigating measures,\u201d Microsoft wrote in its March blog post. <\/p>\n<p>In response to Scoop News Group questions Thursday, Microsoft said that as the company discovers \u201csecrets in our exfiltrated email we are working with our customers to help them investigate and mitigate any impacts. This includes working with CISA on an emergency directive to provide guidance to government agencies.\u201d <\/p>\n<p>The emergency directive comes amid growing concerns in Washington about Microsoft\u2019s security posture and the impact on the federal government in a string of breaches targeting the company that have been carried out by both Russian and Chinese hackers. <\/p>\n<p>In <a href=\"https:\/\/cyberscoop.com\/microsoft-csrb-china-hacking\/\">a report<\/a> published Tuesday examining the theft of a Microsoft signing key by a Chinese hacking crew, the Cyber Safety Review Board leveled scathing criticism at the company for what it described as \u201ca corporate culture that deprioritized both enterprise security investments and rigorous risk management.\u201d<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>CSRB\u2019s report focused on a Chinese attack on a Microsoft email system known as Exchange Online but also made note of the more recent operation carried out by Midnight Blizzard that is the subject of this week\u2019s emergency directive. <\/p>\n<p>\u201cWhile this second intrusion was outside of the scope of the Board\u2019s current review, the Board is troubled that this new incident occurred months after the Exchange Online compromise covered in this review,\u201d the board wrote. \u201cThis additional intrusion highlights the Board\u2019s concern that Microsoft has not yet implemented the necessary governance or prioritization of security to address the apparent security weaknesses and control failures within its environment and to prevent similar incidents in the future.\u201d<\/p>\n<p>Midnight Blizzard is Microsoft\u2019s name for a Russian state-sponsored hacking unit that the <a href=\"https:\/\/www.cisa.gov\/news-events\/cybersecurity-advisories\/aa24-057a\">U.S.<\/a> and <a href=\"https:\/\/www.ncsc.gov.uk\/news\/svr-cyber-actors-adapt-tactics-for-initial-cloud-access?ref=thestack.technology\">U.K.<\/a> governments have said works under the Foreign Intelligence Service of the Russian Federation (SVR). Also tracked as APT29, the Dukes, or <a href=\"https:\/\/cyberscoop.com\/tag\/cozy-bear\/\">Cozy Bear<\/a>, the cyberespionage-focused group is perhaps best known for the 2015 and 2016 <a href=\"https:\/\/www.crowdstrike.com\/blog\/bears-midst-intrusion-democratic-national-committee\/\">hack<\/a> of the Democratic National Committee, as well as the <a href=\"https:\/\/cyberscoop.com\/russian-hacking-treasury-commerce-fireeye\/\">2020 SolarWinds attack<\/a>, which netted the hackers access to <a href=\"https:\/\/fedscoop.com\/solarwinds-recap-federal-agencies-caught-orion-breach\/\">multiple federal agencies<\/a>\u2019 networks and email systems.<\/p>\n<p>The group is \u201cextremely prolific\u201d in targeting entities around the world, according to <a href=\"https:\/\/www.mandiant.com\/resources\/blog\/apt29-continues-targeting-microsoft\">a 2022 Mandiant report<\/a>, which noted the group\u2019s \u201cexceptional operational security and advanced tactics targeting Microsoft365.\u201d<\/p>\n<p><em>Madison Alder contributed reporting.<\/em><\/p>\n<p><\/body> <\/p>\n<footer class=\"single-article__footer\" readability=\"0.8110599078341\">\n<div class=\"author-card\" readability=\"9\">\n<p><h4 class=\"author-card__name\">Written by Rebecca Heilweil, Tim Starks, AJ Vicens and Elias Groll<\/h4>\n<\/p><\/div>\n<div class=\"single-article__tags-container\">\n<h4 class=\"single-article__tags-title\">In This Story<\/h4>\n<\/p><\/div>\n<\/footer>\n<p> <\/html><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"single-article__ads js-single-article-sidebar\">\n<div class=\"ad ad--sidebar js-single-article-sidebar-5 ad--rightrail_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-4 ad--rightrail_2 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-3 ad--rightrail_3 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div><\/div>\n<\/article>\n<div class=\"popular-stories popular-stories--single-post\">\n<div class=\"popular-stories__container\">\n<h2 class=\"popular-stories__title\"> More Scoops <\/h2>\n<div class=\"popular-stories__stories\">\n<div class=\"popular-stories__cards\">\n<article class=\"post-item post-item--popular-stories-cards \" readability=\"21.435114503817\">\n<figure class=\"post-item__thumbnail\"> <a class=\"post-item__thumbnail-link\" href=\"https:\/\/cyberscoop.com\/cozy-bear-russia-spearphishing-germany\/\" tabindex=\"-1\"> <img data-recalc-dims=\"1\" loading=\"lazy\" width=\"505\" height=\"337\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/federal-government-affected-by-russian-breach-of-microsoft.webp?resize=505%2C337&ssl=1\" class=\"attachment-ratio-16-9-md size-ratio-16-9-md wp-post-image\" alt decoding=\"async\" loading=\"lazy\" srcset=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/federal-government-affected-by-russian-breach-of-microsoft-4.jpg 1024w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/federal-government-affected-by-russian-breach-of-microsoft-4.jpg?resize=300,200 300w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/federal-government-affected-by-russian-breach-of-microsoft-4.jpg?resize=768,512 768w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/federal-government-affected-by-russian-breach-of-microsoft-4.jpg?resize=600,400 600w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/federal-government-affected-by-russian-breach-of-microsoft-4.jpg?resize=252,168 252w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/federal-government-affected-by-russian-breach-of-microsoft-4.jpg?resize=505,337 505w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/federal-government-affected-by-russian-breach-of-microsoft-4.jpg?resize=1012,675 1012w\" sizes=\"auto, (max-width: 505px) 100vw, 505px\"> <\/a><figcaption class=\"screen-reader-text\"> People form a peace sign with candles ahead of a rally marking the eve of the second anniversary of Russia\u2019s invasion of Ukraine, in front of the Reichstag, the building housing the Bundestag (German lower house of parliament) in Berlin on Feb. 23, 2024. (Photo by ODD ANDERSEN\/AFP via Getty Images) <\/figcaption><\/figure>\n<header class=\"post-item__meta\" readability=\"2.0540540540541\">\n<h3 class=\"post-item__title\"> <a class=\"post-item__title-link\" href=\"https:\/\/cyberscoop.com\/cozy-bear-russia-spearphishing-germany\/\"> German political party targeted by SVR-linked group in spearphishing campaign, Mandiant says <\/a> <\/h3>\n<p> The group may have been seeking insights on shifting European sentiments on Ukraine, threat analysts suggest. <\/p>\n<div class=\"post-item__byline\"> <span class=\"post-item__author\"> <span>By <\/span> <a class=\"post-item__author-link\" href=\"https:\/\/cyberscoop.com\/author\/derek-johnson\/\"> Derek B. Johnson <\/a> <\/span> <\/div>\n<p> <\/header>\n<p> <\/article>\n<article class=\"post-item post-item--popular-stories-cards \">\n<figure class=\"post-item__thumbnail\"> <a class=\"post-item__thumbnail-link\" href=\"https:\/\/cyberscoop.com\/microsoft-cozy-bear-russia\/\" tabindex=\"-1\"> <img data-recalc-dims=\"1\" loading=\"lazy\" width=\"252\" height=\"168\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/federal-government-affected-by-russian-breach-of-microsoft-1.jpg?resize=252%2C168&ssl=1\" class=\"attachment-ratio-16-9-sm size-ratio-16-9-sm wp-post-image\" alt decoding=\"async\" loading=\"lazy\" srcset=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/federal-government-affected-by-russian-breach-of-microsoft-5.jpg 1920w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/federal-government-affected-by-russian-breach-of-microsoft-5.jpg?resize=300,200 300w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/federal-government-affected-by-russian-breach-of-microsoft-5.jpg?resize=768,512 768w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/federal-government-affected-by-russian-breach-of-microsoft-5.jpg?resize=1024,683 1024w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/federal-government-affected-by-russian-breach-of-microsoft-5.jpg?resize=1536,1024 1536w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/federal-government-affected-by-russian-breach-of-microsoft-5.jpg?resize=600,400 600w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/federal-government-affected-by-russian-breach-of-microsoft-5.jpg?resize=252,168 252w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/federal-government-affected-by-russian-breach-of-microsoft-5.jpg?resize=506,337 506w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/federal-government-affected-by-russian-breach-of-microsoft-5.jpg?resize=1013,675 1013w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/federal-government-affected-by-russian-breach-of-microsoft-5.jpg?resize=1265,843 1265w\" sizes=\"auto, (max-width: 252px) 100vw, 252px\"> <\/a><figcaption class=\"screen-reader-text\"> People visit the U.S. technology company Microsoft\u2019s stand during the Mobile World Congress, the telecom industry\u2019s biggest annual gathering, in Barcelona on February 26, 2024. (Photo by Josep LAGO \/ AFP) <\/figcaption><\/figure>\n<header class=\"post-item__meta\">\n<h3 class=\"post-item__title\"> <a class=\"post-item__title-link\" href=\"https:\/\/cyberscoop.com\/microsoft-cozy-bear-russia\/\"> Russian hackers accessed Microsoft source code <\/a> <\/h3>\n<div class=\"post-item__byline\"> <span class=\"post-item__author\"> <span>By <\/span> <a class=\"post-item__author-link\" href=\"https:\/\/cyberscoop.com\/author\/elias-groll\/\"> Elias Groll <\/a> <\/span> <\/div>\n<p> <\/header>\n<p> <\/article>\n<article class=\"post-item post-item--popular-stories-cards \">\n<figure class=\"post-item__thumbnail\"> <a class=\"post-item__thumbnail-link\" href=\"https:\/\/cyberscoop.com\/russian-foreign-intelligence-hackers-gain-access-to-top-microsoft-officials\/\" tabindex=\"-1\"> <img data-recalc-dims=\"1\" loading=\"lazy\" width=\"256\" height=\"168\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/federal-government-affected-by-russian-breach-of-microsoft-2.jpg?resize=256%2C168&ssl=1\" class=\"attachment-ratio-16-9-sm size-ratio-16-9-sm wp-post-image\" alt decoding=\"async\" loading=\"lazy\" srcset=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/federal-government-affected-by-russian-breach-of-microsoft-6.jpg 1920w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/federal-government-affected-by-russian-breach-of-microsoft-6.jpg?resize=300,197 300w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/federal-government-affected-by-russian-breach-of-microsoft-6.jpg?resize=768,504 768w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/federal-government-affected-by-russian-breach-of-microsoft-6.jpg?resize=1024,672 1024w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/federal-government-affected-by-russian-breach-of-microsoft-6.jpg?resize=1536,1008 1536w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/federal-government-affected-by-russian-breach-of-microsoft-6.jpg?resize=600,394 600w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/federal-government-affected-by-russian-breach-of-microsoft-6.jpg?resize=256,168 256w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/federal-government-affected-by-russian-breach-of-microsoft-6.jpg?resize=514,337 514w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/federal-government-affected-by-russian-breach-of-microsoft-6.jpg?resize=1029,675 1029w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/federal-government-affected-by-russian-breach-of-microsoft-6.jpg?resize=1285,843 1285w\" sizes=\"auto, (max-width: 256px) 100vw, 256px\"> <\/a><figcaption class=\"screen-reader-text\"> The corporate logo for Microsoft is displayed on the front of their building on 8th Avenue on December 30, 2023, in New York City. (Photo by Gary Hershorn\/Getty Images) <\/figcaption><\/figure>\n<header class=\"post-item__meta\">\n<h3 class=\"post-item__title\"> <a class=\"post-item__title-link\" href=\"https:\/\/cyberscoop.com\/russian-foreign-intelligence-hackers-gain-access-to-top-microsoft-officials\/\"> Russian foreign intelligence hackers gain access to top Microsoft officials, company says <\/a> <\/h3>\n<div class=\"post-item__byline\"> <span class=\"post-item__author\"> <span>By <\/span> <a class=\"post-item__author-link\" href=\"https:\/\/cyberscoop.com\/author\/aj-vicens\/\"> AJ Vicens <\/a> <\/span> <\/div>\n<p> <\/header>\n<p> <\/article>\n<\/p><\/div>\n<\/p><\/div>\n<p> <\/div>\n<p>\n<\/div>\n<p> <\/p>\n<section class=\"latest-podcasts\">\n<h2 class=\"latest-podcasts__title\"> Latest Podcasts\t<\/h2>\n<\/section>\n<div class=\"top-categories\">\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Government<\/h3>\n<\/p><\/div>\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Technology<\/h3>\n<\/p><\/div>\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Geopolitics<\/h3>\n<\/p><\/div>\n<\/p><\/div>\n<p> <\/main> <\/p>\n<div class=\"ad ad--bottom \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div id=\"interstitial\" class=\"welcome__container\"> <button id=\"close-modal-1\" class=\"welcome__clickable_area\"><\/button> <\/p>\n<div class=\"welcome__ad_wrapper\">\n<p> <button id=\"close-modal-3\" class=\"welcome__continue-button\">Continue to CyberScoop<\/button> <\/p>\n<\/p><\/div>\n<\/p><\/div>\n<p>   <\/body> <a href=\"https:\/\/cyberscoop.com\/federal-government-russian-breach-microsoft\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Federal government affected by Russian breach of Microsoft | CyberScoop<\/p>\n","protected":false},"author":11,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[1808,1732,757,452,1807,625,1809,270,1387],"tags":[1811,1734,759,454,1810,630,1812,276,1389],"class_list":["post-2934","post","type-post","status-publish","format-standard","hentry","category-apt29","category-cozy-bear","category-cyber-safety-review-board","category-cybersecurity-and-infrastructure-security-agency-cisa","category-exclusive","category-microsoft","category-midnight-blizzard","category-russia","category-svr","tag-apt29","tag-cozy-bear","tag-cyber-safety-review-board","tag-cybersecurity-and-infrastructure-security-agency-cisa","tag-exclusive","tag-microsoft","tag-midnight-blizzard","tag-russia","tag-svr"],"featured_image_urls":{"full":"","thumbnail":"","medium":"","medium_large":"","large":"","1536x1536":"","2048x2048":"","chromenews-featured":"","chromenews-large":"","chromenews-medium":""},"author_info":{"display_name":"Cyber Scoop","author_link":"https:\/\/ddi.mohflo.net\/index.php\/author\/cyberscoop\/"},"category_info":"<a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/apt29\/\" rel=\"category tag\">APT29<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/cozy-bear\/\" rel=\"category tag\">Cozy Bear<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/cyber-safety-review-board\/\" rel=\"category tag\">Cyber Safety Review Board<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/cybersecurity-and-infrastructure-security-agency-cisa\/\" rel=\"category tag\">Cybersecurity and Infrastructure Security Agency (CISA)<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/exclusive\/\" rel=\"category tag\">Exclusive<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/microsoft\/\" rel=\"category tag\">Microsoft<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/midnight-blizzard\/\" rel=\"category tag\">Midnight Blizzard<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/russia\/\" rel=\"category tag\">Russia<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/svr\/\" rel=\"category tag\">SVR<\/a>","tag_info":"SVR","comment_count":"0","jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/2934","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/users\/11"}],"replies":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/comments?post=2934"}],"version-history":[{"count":0,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/2934\/revisions"}],"wp:attachment":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/media?parent=2934"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/categories?post=2934"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/tags?post=2934"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}

{"id":2934,"date":"2024-04-04T15:07:19","date_gmt":"2024-04-04T20:07:19","guid":{"rendered":"https:\/\/cyberscoop.com\/?p=79997"},"modified":"2024-04-04T15:07:19","modified_gmt":"2024-04-04T20:07:19","slug":"federal-government-affected-by-russian-breach-of-microsoft","status":"publish","type":"post","link":"https:\/\/ddi.mohflo.net\/index.php\/2024\/04\/04\/federal-government-affected-by-russian-breach-of-microsoft\/","title":{"rendered":"Federal government affected by Russian breach of Microsoft"},"content":{"rendered":"