USA Blames Microsoft, Chinese Hackers Are Rampant
Chinese hackers are rampant. PHOTO/DAILY
NEW YORK - A scathing report from the United States government claims that the intrusion into Microsoft servers was carried out by a Chinese hacking group.
As reported by CNET, Chinese hackers hacked a number of emails belonging to senior US officials, due to a "series of avoidable mistakes" by the tech giant. The Cybersecurity Review Board (CSRB), led by the Ministry of Homeland Security, has been conducting a seven-month investigation into the incident involving the China-affiliated cyber spy actor Storm-0558.
The operation, first discovered by the US Department of State in June 2023, included hacking of official and private mailboxes belonging to Commerce Secretary Gina Raimondo and the US Ambassador to China, Nicholas Burns.
Microsoft's core business is providing cloud computing services, such as Azure or Office360, that store sensitive data and support business and government operations across key sectors of the economy.
The three British parliamentarians give a press conference in London, March 25, 2024. The three said they had been targets of harassment and hacking attempts by China.
The report, released Monday, criticized Microsoft's corporate culture as "at odds with the company's centrality in the technology ecosystem and the level of trust customers place in the company." “Cloud computing is one of the most critical infrastructures we have, because it stores sensitive data and supports business operations across our economy,” said CSRB Chairman Robert Silvers.
The review identified a series of operational and strategic decisions by Microsoft that opened the door to the hack, including a failure to identify hacked new employee laptops, following the company's 2021 acquisition. The review also found that Microsoft did not meet security standards seen at rival cloud computing companies, including Google, Amazon and Oracle.
“The agency found that the intrusion was preventable and should never have occurred,” the review said. '' The report also shows “a series of avoidable Microsoft errors that led to the successful intrusion.” he stressed.