Connect with us

Hi, what are you looking for?

News

Microsoft Could Have Prevented Chinese Cloud Email Hack That Affected The US

Microsoft (Credits: The Hill)

A Biden-appointed review board, the Cyber Safety Review Board (CSRB), released a scathing report on Tuesday, asserting that Microsoft could have prevented Chinese hackers from accessing email accounts linked to U.S. government officials.

According to the report, operational and strategic decisions by Microsoft led to the breach of officials’ emails by hackers in China in July. The board outlined Microsoft’s failure to prevent the breach and recommended the tech giant’s future actions, emphasizing that the intrusion was avoidable.

The report described Microsoft’s errors as avoidable and highlighted the company’s failure to detect that an employee’s laptop had been compromised.

Microsoft Chinese (Credits: The Verge)

The board concluded that Microsoft’s security culture was inadequate and called for an important overhaul, considering the company’s extensive global role and consumers’ trust in it.

To address the needed cultural change within Microsoft, the board suggested that the company’s CEO and Board of Directors should directly focus on enhancing the security culture and develop and share a plan with specific timelines for implementing fundamental security-focused reforms across the company and its products.

In response, Microsoft expressed appreciation for the investigation and emphasized the necessity of adopting a new culture of engineering security.

The company pledged to mobilize its engineering teams to identify and mitigate legacy infrastructure, improve processes, and enforce security benchmarks. Additionally, Microsoft stated its commitment to further strengthening its systems against cyberattacks and enhancing detection capabilities.

Microsoft Office (Credits: New York Post)

The July breach involved a Chinese-based cyber actor gaining access to the email accounts of 25 organizations in the public cloud, including federal agencies.

Known as Storm-0558, the hackers focused on espionage and gathering U.S. intelligence. They exploited a consumer signing key obtained after a crash, which was used to forge authentication tokens and access emails.

The hackers breached the emails of 22 organizations and over 500 individuals worldwide, including U.S. Ambassador to China Nicholas Burns and Commerce Secretary Gina Raimondo.

Homeland Security Secretary Alejandro Mayorkas underscored the review’s importance in addressing the serious cyber threat posed by nation-state actors, emphasizing the critical role of cloud service security in protecting individuals and organizations across the country.

Click to comment
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments

We’re dedicated to providing you the most authenticated news. We’re working to turn our passion for the political industry into a booming online news portal.

You May Also Like

News

In the fiscal year 2022-23, Pakistan’s National Electric Power Regulatory Authority (NEPRA) granted a total of 1,596 net-metering licenses nationwide, collectively amounting to 221.05...

News

Spoilers! The demon Akaza from Kimetsu no Yaiba dies in the eleventh arc of the manga and the one responsible for his death is...

Entertainment

Actress Emma D’Arcy is from the British rebellion. She has only appeared in a small number of movies and TV shows. It might be...

Entertainment

Jennifer Coolidge Is Pregnant: Jennifer Coolidge Audrey Coolidge is a comedian and actress from the United States. Many of her followers are wondering if...