In a scathing report released Tuesday, a Biden-appointed review board said Microsoft could have prevented Chinese hackers from accessing email accounts associated with U.S. government officials. Stated.
reportAn investigation conducted by the Cyber Security Review Board (CSRB) found that “operational and strategic decisions” led Chinese hackers to compromise officials’ emails last July.
The report outlined the company’s data breach failures and made recommendations for the tech giant’s future direction. It said it had found that the “intrusion was preventable and should never have occurred.”
The report describes Microsoft’s “preventable errors” and says the company failed to detect that an employee’s laptop had been compromised.
Ultimately, the board concluded that, given the company’s significant global role and the amount of trust consumers place in the company, “Microsoft’s security culture is inadequate and requires a complete overhaul.” ”.
“To drive the rapid cultural change needed within Microsoft, the Board of Directors is committed to ensuring that the CEO and Board of Directors focus directly on the company’s security culture and implement specific initiatives to strengthen fundamental security. “We believe that Microsoft’s customers will benefit from developing and publicly sharing a plan that includes a clear timeline – focused transformation across the entire company and product suite,” the review committee wrote. There is.
Microsoft said in a statement that it appreciated the investigation and that recent attacks demonstrate the need to “adopt a new culture of engineering security.”
“While no organization is immune to cyberattacks from resource-rich adversaries, we mobilized our engineering teams to identify and mitigate legacy infrastructure, improve processes, and conduct security benchmarks.” said a Microsoft spokesperson in a statement.
“We continue to harden all of our systems against attacks and implement more robust sensors and logs to detect and defeat enemy cyber forces,” the company said in a statement.
In July 2023, cyber attackers based in China gained access to the email accounts of 25 organizations in the public cloud, including federal agencies. Microsoft announced last year that the hackers, known as Storm-0558, were “focused on espionage” and gathering intelligence on the United States.
The company later announced that hackers obtained consumer signing keys to compromise emails after the crash produced a snapshot of the crash process that included the consumer-singing key. It was then used to forge authentication tokens to access emails.
In all, the hackers breached the emails of 22 organizations and more than 500 people around the world, including Ambassador Nicholas Burns to China and Secretary of Commerce Gina Raimondo, according to the Associated Press.
in statement Following the board’s report, Homeland Security Secretary Alejandro Mayorkas said the review was needed to protect against “the serious cyber threats posed by these nation-state actors.”
“Individuals and organizations across the country rely on cloud services every day, and the security of this technology has never been more important,” Mayorkas said in a statement. “Nation-state attackers continue to become increasingly sophisticated in their ability to compromise cloud service systems.”
Copyright 2024 Nexstar Media Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed.
