Adrian Johnson
TLDR:
- A government report criticizes Microsoft for security flaws allowing Chinese hackers to breach its networks.
- The Cyber Safety Review Board recommends an overhaul of Microsoft’s security systems.
A recent government report has highlighted significant security flaws in Microsoft’s systems, allowing Chinese hackers from a group called Storm-0558 to breach the company’s networks. The report, released by the Cyber Safety Review Board, identified avoidable errors in Microsoft’s authentication system that led to the compromise of senior US officials’ email accounts, including those of Commerce Secretary Gina Raimondo and Congressman Don Bacon. The report called for an overhaul of Microsoft’s security culture, emphasizing the need for quick and substantial improvements due to the company’s essential role in national security and the global economy.
In response to the report, Microsoft acknowledged the need for a new culture of engineering security within its networks and highlighted ongoing efforts to address security vulnerabilities. The Cyber Safety Review Board also criticized Microsoft for inaccurately identifying the root cause of the attack and failing to promptly update the announcement. Overall, the report underscores the importance of enhancing Microsoft’s security systems to prevent future breaches and protect sensitive data.
