Jump to content
  • U.S. government to investigate Microsoft's role in China-backed email breach

    aum

    • 394 views
    • 2 minutes
     Share


    • 394 views
    • 2 minutes

    U.S. government data security is again under scrutiny after a recent data breach by suspected Chinese hackers. Microsoft's role in protecting sensitive information will be examined following the cyber attack that compromised the email accounts of U.S. officials.

     

    A U.S. cybersecurity advisory panel announced it will investigate potential risks in cloud computing, including Microsoft's role in the recent breach of government email systems. The Cyber Safety Review Board (CSRB) will examine risks related to cloud infrastructure.

     

    The probe comes after suspected Chinese hackers exploited a vulnerability in Microsoft Azure's cloud email platform to access sensitive communications from the Departments of Commerce and State. The tech giant is among the major cloud providers that will be examined in the CSRB's investigation.

     

    The hacks, believed to be part of a wider espionage campaign by actors affiliated with the Chinese government, compromised email accounts belonging to senior officials.

     

    Microsoft has faced increased scrutiny over the incident, with Senator Ron Wyden calling on federal agencies last month to take action against the company. In a letter, Senator Wyden said:

     

    Government emails were stolen because Microsoft committed another error. Although the stolen encryption key was for consumer accounts, a validation error in Microsoft code' allowed the hackers to also create fake tokens for Microsoft-hosted accounts for government agencies and other organizations and thereby access those accounts.

     

    The senator criticized Microsoft's handling of the hack, saying it failed to take responsibility for previous incidents like the 2020 SolarWinds campaign attributed to Russia.

     

    The probe underscores growing concerns around security risks posed by third-party cloud services, which have become ubiquitous in government and corporate networks. Findings from the review could inform efforts to safeguard better sensitive data and critical systems hosted in the cloud.

     

    The House Oversight Committee announced it is opening a separate investigation into China's suspected role in the Microsoft email system breaches last week. The CSRB plans to focus on identifying and mitigating cloud security risks.

     

    Source: Bloomberg

     

    Source


    User Feedback

    Recommended Comments

    There are no comments to display.



    Join the conversation

    You can post now and register later. If you have an account, sign in now to post with your account.
    Note: Your post will require moderator approval before it will be visible.

    Guest
    Add a comment...

    ×   Pasted as rich text.   Paste as plain text instead

      Only 75 emoji are allowed.

    ×   Your link has been automatically embedded.   Display as a link instead

    ×   Your previous content has been restored.   Clear editor

    ×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...