Microsoft made a series of mistakes that could have been avoided, leading to Chinese hackers infiltrating the company's network and later accessing the email accounts of high-ranking US officials, such as the secretary of commerce. This was revealed in a critical report by the US Cyber Safety Review Board (CSRB), a team of cybersecurity experts from the government and private sector led by the Department of Homeland Security. The board was established by President Joe Biden in 2021 to investigate the underlying reasons behind significant hacking incidents.
The review board criticized Microsoft (MSFT) for failing to protect a crucial cryptographic key, which allowed hackers to access Outlook accounts remotely by posing as legitimate users. The report also stated that Microsoft needs to improve its security practices because of its significant role in the technology industry.
A recent hack caused chaos in Washington and allowed Chinese operatives to read the unclassified email accounts of top US diplomats. This included the email account of US Ambassador to China Nicholas Burns just before Secretary of State Antony Blinken's important visit to China in June, as reported by CNN.
According to State Department spokesman Matthew Miller, the hackers managed to download approximately 60,000 emails from the State Department's system.
The hackers also breached the email account of Secretary of Commerce Gina Raimondo ahead of her trip to China last August, Raimondo has confirmed.
China has denied the hacking allegations.
Microsoft announced in November that it would strengthen its security measures for creating software and safeguarding its users, in response to the reported Chinese hacking incident and the examination of its security procedures by US lawmakers.
In a statement to CNN on Tuesday, a Microsoft spokesperson expressed gratitude for the efforts of the Cyber Safety Review Board in examining the effects of nation-state threat actors who operate persistently without significant deterrence.
Microsoft is actively working to improve legacy infrastructure, processes, and security benchmarks. Its security engineers are strengthening systems against attacks and implementing advanced sensors and logs to detect and repel cyber threats.
A spokesperson mentioned that Microsoft will carefully review the board's recommendations.
The hack, reported last summer, was part of a string of cyber-espionage attacks linked to China and Russia. These attacks targeted US national security interests by exploiting commonly used software from companies like Microsoft. In 2020, Russian hackers allegedly breached software from US company SolarWinds to steal emails from US government agencies.
According to Cory Simpson, CEO of the Institute for Critical Infrastructure Technology, a think tank, the US government faces a crucial decision with its IT service providers: either continue with the same level of cybersecurity or opt for stronger protection.
“I hope this CSRB report is used as a call to action by the US government for meaningful change in its longstanding relationship with Microsoft,” Simpson told CNN.
Editor's P/S:
The recent report by the US Cyber Safety Review Board (CSRB) is a stark reminder of the critical need for robust cybersecurity measures in the face of sophisticated hacking attempts. Microsoft's failure to protect a crucial cryptographic key, as highlighted in the report, underscores the consequences of complacency in the digital realm. This incident, which allowed Chinese hackers to access the email accounts of high-ranking US officials, has raised serious concerns about the vulnerability of sensitive information in an increasingly interconnected world.
It is imperative for major technology companies, like Microsoft, to prioritize cybersecurity and implement stringent security practices, given their significant role in the tech industry. The board's criticism of Microsoft's security practices serves as a warning to other organizations to invest in robust cybersecurity measures to prevent similar breaches in the future. As the threat landscape continues to evolve, it is crucial for governments and businesses to collaborate and adopt a proactive approach to safeguarding sensitive information from malicious actors.