Since January 2020, russian hackersor supported by the Russian government, have repeatedly targeted American companies related to the army or with a secret-defense clearance.
What did the Russian hackers get?
According to the Cybersecurity and Infrastructure Agency (CISA), these illegal activities allowed hackers to obtain sensitive information about American technologies, particularly with regard to the design of military vehicles and aircraft. Very sensitive areas according to the Ministry of Defense. CISA has not officially stated that the hackers obtained classified documents, but said they were able to access certain sensitive information. The FBI and the NSA confirm and assure that Russian hackers will continue to target American companies with secret-defense clearance.
One month after the events, what do we know about the cyberattack against La Croix Rouge?
According to CISA, “information stolen by cybercriminals provides significant insight into development and deployment schedules for US weapons platforms, vehicle specifications, and plans for communications infrastructure and information technology”. American authorities are concerned that the Russians are adjusting their own plans and their military priorities. The Cybersecurity and Infrastructure Agency believes that Russia could accelerate its efforts in the field of technological development.
What is Microsoft 365’s responsibility in this matter?
According to US authorities, Russian intelligence services could also inform other foreign decision-makers, allies of Russia, on the military intentions of the United States. Hackers targeted Microsoft 365 services as a priority. It is recalled that the SolarWinds hack allowed hackers to reach United States Department of Justice emails due to a security flaw in Microsoft. 365.
This access allowed Russian hackers to penetrate the computer systems of several hundred companies. Infiltrations often go unnoticed. The document released by CISA does not address the issue of whether U.S. defense and intelligence organizations plan to re-examine their relationship of trust with suppliers who have not complied with basic cybersecurity rules.
This release comes as tensions between the United States and Russia continue to escalate over a potential invasion of Ukraine. A few days ago, Russia again targeted several Ukrainian government websites in a massive cyberattack. Even more recently, the Ukrainian Ministry of Defense was also the victim of an attack most likely orchestrated by Russia. Two banks were also affected. The online services of PrivatBank and Oschadbank were rendered inaccessible for several hours before being restored despite certain “instabilities”.