TLDR:
Key Takeaways:
- US government report criticizes Microsoft’s “inadequate” security culture.
- A Chinese hacking group breached the emails of US officials, leading to the criticism.
In a scathing report, the US government criticized Microsoft’s security practices after a Chinese hacking group breached the emails of high-ranking officials, including US Commerce Secretary Gina Raimondo. The Cyber Security Review Board (CSRB) highlighted the importance of enhanced logging capabilities in preventing such breaches and addressed Microsoft’s practice of charging for enhanced logging. The report emphasized the security failures at Microsoft that allowed the Chinese state-sponsored hacking group, Storm-0558, to breach the Microsoft Exchange Online mailboxes of several organizations and individuals globally. Chinese hackers also targeted the emails of US officials, indicating flaws in Microsoft’s cybersecurity measures. This incident is not the first time Microsoft has faced attacks from state-sponsored cyber attackers, including Russian and Chinese hacker groups.
Full Article:
Microsoft’s Security Breakdown: Chinese Hacking Group Breaches Defenses
By Giuseppe Ciccomascolo
The US criticized Microsoft’s security practices after Chinese hackers breached the emails of officials, blasting its “inadequate” security culture.
Outlined in the report is the practice of charging for enhanced, or premium, logging. Such logging enables Microsoft clients to monitor system activity over time, which is crucial for investigating cyberattacks. The report also emphasized the importance of audit logging in uncovering cyberattacks. The CSRB investigated a 2023 incident in which Chinese hackers breached the email accounts of high-ranking US officials. The threat actor, code-named Storm-0558, downloaded approximately 60,000 emails from the State Department alone. This incident highlights the ongoing cybersecurity challenges faced by Microsoft in dealing with state-sponsored cyber attackers.
Microsoft has also faced challenges from Russian cyber attackers in the past, exposing vulnerabilities in its cybersecurity infrastructure. The continuous attacks from various nation-state actors emphasize the importance of robust security measures and enhanced logging capabilities to prevent such breaches in the future.