The Cybersecurity and Infrastructure Security Agency (CISA) issued an emergency directive on April 11 in response to Midnight Blizzard, also known as Cozy Bear, a Russian state-sponsored threat actor that targeted Microsoft email accounts in its latest campaign.
The group is exfiltrating information from Microsoft corporate email systems in order to gain access to Microsoft customer systems. Microsoft and CISA have already determined which companies' correspondence has been exfiltrated so far and have notified them accordingly.
"The initial access vector of the Midnight Blizzard attack was a Microsoft 365 password spray," said John Fokker, head of threat intelligence at Trellix, in an emailed statement. Trellix researchers observed more than 120 attacks in the first part of the year alone.
CISA's directive was initially issued only to government agencies, on April 2. It required agencies to review and analyze Microsoft email accounts to determine whether they had been affected, reset compromised credentials, and secure any privileged Microsoft Azure accounts.
These requirements apply only to Federal Civilian Executive Branch (FCEB) agencies, as they appear to be Midnight Blizzard's main target. But CISA notes that other organizations may also have been affected and should seek assistance.
"Regardless of direct impact, all organizations are strongly encouraged to apply stringent security measures, including strong passwords, multifactor authentication (MFA), and sharing of unprotected sensitive information via unsecured channels," CISA said in its statement.
Jen Easterly, CISA's director, also noted that this compromise of Microsoft is just the latest malicious cyber activity in the Russian playbook, and that the emergency directive is intended to ensure that the networks and systems of civilian organizations are secure.
- Source: https://www.darkreading.com/cyberattacks-data-breaches/cisa-emergency-directive-after-midnight-blizzard-microsoft-hits