POST Online Media Lite Edition


Hacker downloaded data from network of U.S. agency

Christian Fernsby |
Federal authorities did divulge that the hacker was able to browse directories, copy at least one file and exfiltrate data, according to the Cybersecurity and Infrastructure Security Agency, CISA.

Article continues below

Topics: U.S.   

An unnamed U.S. federal agency was hit with a cyber attack after a hacker used valid access credentials, authorities said on Thursday.

The hacker implanted malware that evaded the agency’s protection system and was able to gain access to the network by using valid access credentials for multiple users’ Microsoft 365 accounts and domain administrator accounts, according to authorities.

Investigators weren’t able to determine how the hacker initially obtained the credentials.

CISA released technical details about the breach, but didn’t provide any information about what data was stolen or whether the hack was carried out by a rival nation state.

What to read next

India's moon mission attacked from North Korea
North Korean malware lurking in computer networks, says U.S.
Hackers found 200 vulnerabilities in U.S. Air Force computers in 24 hours