Cyber board deems Chinese hack of US officials avoidable

April 4, 2024
1 min read

TLDR:

Key Points:

  • The US Cyber Safety Review Board determined that a Chinese hack of US officials’ emails was preventable.
  • Microsoft was faulted for security lapses and lack of transparency.

In a report, the US Cyber Safety Review Board identified Microsoft’s decisions that decreased security, risk management, and customer trust. The hack, carried out by a Chinese hacking group, compromised a Microsoft engineer’s account. Microsoft responded by mobilizing engineering teams to improve security measures and review the final report for recommendations. The board recommended Microsoft make security reforms across all products. Last year, senior US officials’ emails were stolen, raising concerns about cybersecurity.

Latest from Blog

EU push for unified incident report rules

TLDR: The Federation of European Risk Management Associations (FERMA) is urging the EU to harmonize cyber incident reporting requirements ahead of new legislation. Upcoming legislation such as the NIS2 Directive, DORA, and