Another Microsoft Breach

Following last month's intrusion, which was the second instance of Chinese hackers using Microsoft's servers to attack important government systems, concerns over Microsoft's cyber security practices have been building in Washington.

Aug 13, 2023 - 05:24
 0  35
Another Microsoft Breach

The Department of Homeland Security (DHS) announced on Friday (Aug. 11) that a US cyber safety council would examine concerns with cloud-based identification and authentication infrastructure, including an evaluation of a recent Microsoft hack that resulted in the theft of emails from US government entities.

The Cyber Security Review Board is a ground breaking public-private initiative that brings together government and business leaders to better understand significant cyber security events including the causes, mitigations, responses to make recommendations in the wake of those events based on this fact-finding.

According to a statement from the DHS, the Cyber Safety Review Board will examine the deliberate targeting of cloud computing systems. The statement from DHS Secretary Alejandro Mayorkas stated that "organizations of all kinds are increasingly relying on cloud computing to deliver services to the American people, which makes it imperative that we understand the vulnerabilities of that technology."

Following last month's intrusion, which was the second instance of Chinese hackers using Microsoft's servers to attack important government systems, concerns over Microsoft's cyber security practices have been building in Washington. Top State Department officials, including Gina Raimondo, the secretary of commerce are said to have had their inboxes compromised in last month's breach by suspected Chinese hackers.

Microsoft came under fire for the operation that was announced in July but was actually discovered in June by security personnel at the U.S. State Department. This was in part because customers had to pay for a premium logging tier in order to see proof of the breach. Since then, Microsoft has said that users will have free access to increased logging and storage capacity.

In the agency's statement, CSRB Chair and DHS Under Secretary for Policy Rob Silvers said that "as a nation, we must acknowledge the increasing criticality of cloud infrastructure in our daily lives and identify the best ways to secure that infrastructure and the many businesses and consumers that rely on it."

The breach has caused concern about the security of cloud computing environments, which are online platforms where shared resources and services can be accessed. The risk of cloud computing, and recommendations for improving its security and resilience, will be investigated by the CSRB.

There are different reports on how the Microsoft breach happened, Microsoft revealed in July of 2023 that Chinese hackers were exploiting an exploit on its cloud service to spy on U.S. government officials' emails. Hackers have exploited a vulnerability with Microsoft Exchange Online service, a cloud hosted email and calendar system.

Microsoft responded to the security breach by disclosing that its cloud systems have been compromised by Chinese hackers and offered to make security updates available for fixing the vulnerability while encouraging customers to use them as soon as possible. In order to face the threat, Microsoft also reported that it was working in close cooperation with the US government and other allies.

The breach has also compromised the security and integrity of the IT systems of the United States government, which rely on Microsoft cloud services and software. Hackers might have planted backdoors, malware or other malicious software that would enable them to breach systems in the future. The US government's confidence and reputation has been hurt by the breach, on both domestic and international levels. This breach has shown that the United States government's cyber defenses are weak and vulnerable, which could jeopardize its credibility and influence in global affairs.

Cyber security must be taken into account in today's Digital World. Millions of people could be exposed to their personal data if there is one security breach. These breaches have a very serious impact on the companies, as well as damage to customers' confidence. For businesses and individuals to protect themselves from spammers and cyber criminals it is therefore vital that they are protected through cyber security.

What's Your Reaction?

like

dislike

love

funny

angry

sad

wow