Password credentials in the hands of hackers that granted access to a US government network. Feds Hit with Successful Cyberattack, Data Stolen
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an alert on Thursday, not naming the agency but providing technical details of the attack. Hackers, it said, gained initial access by using employees’ legitimate Microsoft Office 365 log-in credentials to sign onto an agency computer remotely.
“The cyber-threat actor had valid access credentials for multiple users’ Microsoft Office 365 (O365) accounts and domain administrator accounts,” according to CISA.
So here’s my guess as to the causes: Poor passwords. Reused passwords. No 2-factor authentication. Well done US .gov employees, you have less security on your official government stuff than I do on the email I use mainly to send jokes and memes to my friends.
Of course I could be wrong, and this could all be to a security flaw in a Microsoft Product. It’s not like THAT never happens. (Hat tip to Steve – thanks for the email!)