An expert’s point of view on a current event.
May 24, 2021, 10:00 a.m.
Russia’s Sunburst cyber espionage campaign, discovered late last year, hit more than 100 large corporations and US federal agencies, including treasury, energy, justice and homeland security. A crucial part of the Russians’ success was their ability to move through these organizations by compromising cloud and local network identity systems in order to then access cloud accounts and steal emails and files.
Hackers, who the U.S. government said worked for the Kremlin, targeted a widespread Microsoft cloud service that syncs user identities. The hackers stole security certificates to create their own identities. This allowed them to bypass security safeguards such as multi-factor authentication and gain access to Office 365 accounts, which affected thousands of users in the affected businesses and government agencies.
It wasn’t the first time …