Jump to content
  • Microsoft slammed for negligent cybersecurity following Chinese hack

    aum

    • 461 views
    • 2 minutes
     Share


    • 461 views
    • 2 minutes

    Microsoft could face further investigation after attack

     

    US senator Ron Wyden is calling on three separate bodies to conduct their own investigations into Microsoft following the recent email hacking attack that saw government officials like Commerce Secretary Gina Raimondo and Secretary of State Antony Blinken targeted.

     

    According to Microsoft’s own accounts, a Chinese threat actor that is being tracked as Storm-0558 “gained access to email accounts affecting approximately 25 organizations in the public cloud including government agencies.” Redmond said that related consumer accounts of individuals associated with these affected organizations were also compromised.

     

    In his letter, Senator Wyden likens the attack to the 2020 SolarWinds campaign by a Russian threat actor, during which US government emails were also hacked.

     

    Microsoft may face yet another investigation - or three


    Microsoft is already under severe scrutiny in the EU, and has been for years, owing to a number of antitrust and anticompetitive cases. Most recently, the company has come under fire for its unfair cloud practices concerning its Azure platform.

     

    This time, it’s a trio of US agencies that are being asked to launch their own, individual probes into Microsoft.

     

    More specifically, Wyden asked the Cybersecurity and Infrastructure Security Agency (CISA) to investigate whether the company had violated best practices recommended by none other than itself and the National Security Agency (NSA), the Department of Justice whether “Microsoft’s negligent practices violated federal law,” and the Federal Trade Commission (FTC) whether Microsoft “violated federal laws enforced by the [FTC],” particularly around deceptive business practices.

     

    Concluding the letter, Senator Wyden writes: “I also urge you to take all necessary steps to hold the company responsible for any violations of that order."

     

    A company spokesperson told CNBC:

     

    “This incident demonstrates the evolving challenges of cybersecurity in the face of sophisticated attacks. We continue to work directly with government agencies on this issue, and maintain our commitment to continue sharing information at Microsoft Threat Intelligence blog.”

    The company did not immediately respond to our request for commentary on the potential threat of three separate probes.

     

    Source

    • Like 3

    User Feedback

    Recommended Comments

    There are no comments to display.



    Join the conversation

    You can post now and register later. If you have an account, sign in now to post with your account.
    Note: Your post will require moderator approval before it will be visible.

    Guest
    Add a comment...

    ×   Pasted as rich text.   Paste as plain text instead

      Only 75 emoji are allowed.

    ×   Your link has been automatically embedded.   Display as a link instead

    ×   Your previous content has been restored.   Clear editor

    ×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...