Hacker downloaded data from network of U.S. agencyChristian Fernsby ▼ | September 24, 2020
Federal authorities did divulge that the hacker was able to browse directories, copy at least one file and exfiltrate data, according to the Cybersecurity and Infrastructure Security Agency, CISA.
America Cybersecurity and Infrastructure Security Agency
The hacker implanted malware that evaded the agency’s protection system and was able to gain access to the network by using valid access credentials for multiple users’ Microsoft 365 accounts and domain administrator accounts, according to authorities.
Investigators weren’t able to determine how the hacker initially obtained the credentials.
CISA released technical details about the breach, but didn’t provide any information about what data was stolen or whether the hack was carried out by a rival nation state. ■