Russian hackers infiltrate Veterans Affairs via Microsoft account

by Vern Evans

A Microsoft-based Veterans Affairs account was accessed in January by Russian hackers, but no personal information or other data was compromised, an agency official confirmed.

The Russian state-sponsored hacker infiltrated a Microsoft platform called Microsoft Azure Government, which provides storage, databases and other services to the VA and other government agencies.

VA press secretary Terrence Hayes told Military Times in an email that the server was breached “for just one second, presumably to see if the credentials worked” by a group called Midnight Blizzard, or Nobelium, which has ties to the Russian government, according to Microsoft.

“After investigating the matter, we determined that no patient data was compromised,” Hayes told Military Times. “VA found that Midnight Blizzard used a single set of stolen credentials to access a Microsoft Cloud test environment around January. … We are continuing to look into this matter with Microsoft to ensure that all veteran patient data remains protected and that we are not compromised in the future.”

Stars and Stripes previously reported the hack.

Microsoft said the attack originally targeted corporate email accounts within the company, including the company’s senior leadership, in an effort to find information related to the group Midnight Blizzard itself. The hacker used a spray attack, which involves using a variety of predictable, simple passwords to try and gain access to an account, according to Microsoft.

“The attack was not the result of a vulnerability in Microsoft products or services,” Microsoft officials said in a January statement. “To date, there is no evidence that the threat actor had any access to customer environments, production systems, source code or AI systems.”

Hayes told Stars and Stripes that the attack was unrelated to a Feb. 21 hack, which involved a private vendor, Change Healthcare, responsible for processing health care payments.

That attack included an expansive breach of the U.S. health care system, possibly including the VA. Fifteen million veterans were notified that their private health care information could have been compromised, Veterans Affairs Sec. Denis McDonough said in April.

The cybersecurity attack also included the Peace Corps and the U.S. Agency for Global Media, an independent news group of the federal government that produces Voice of America, Radio Free Europe and Free Asia, according to Stars and Stripes.

Zamone “Z” Perez is a reporter at Military Times. He previously worked at Foreign Policy and Ufahamu Africa. He is a graduate of Northwestern University, where he researched international ethics and atrocity prevention in his thesis. He can be found on Twitter @zamoneperez.

Read the full article here

Related Posts

Leave a Comment

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More

Privacy & Cookies Policy