The United States Cyber Safety Review Board declared that a deliberate Chinese intrusion into top government officials’ emails last year was “preventable,” condemning technology juggernaut Microsoft.
The U.S. Cyber Safety Review Board, blaming technology behemoth Microsoft (MSFT.O), stated on Tuesday that a planned Chinese breach of top government officials’ emails last year was “preventable,” opening a new chapter for its cybersecurity failings and willful lack of openness.
According to the board’s assessment, Microsoft took a series of actions that reduced enterprise security, risk management, and customer trust in protecting their data and operations.
Storm-0558, a hacking organization connected with the People’s Republic of China, carried out the intrusion after compromising a Microsoft engineer’s business account.
“While no business is immune to cyberattacks by well-resourced adversaries, we have engaged our technical teams to detect and remediate legacy infrastructure and improve processes, Microsoft said.
“Our security engineers are hardening all of our systems against attacks and implementing even more robust sensors and logs to help us detect and repel our opponents’ cyberarmies. We will also look into the final report for additional recommendations.”
The board suggested that Microsoft create and implement security-focused improvements across all of its products.
Storm-0558 is accused of stealing hundreds of thousands of emails from top American officials, including Commerce Secretary Gina Raimondo, U.S. Ambassador to China Nicholas Burns, and Assistant Secretary of State for East Asia Daniel Kritenbrink.
Also read: Nurturing Responsible Online Behavior in Students by Building a Culture of Digital Citizenship
Do Follow: CIO News LinkedIn Account | CIO News Facebook | CIO News Youtube | CIO News Twitter
About us:
CIO News, a proprietary of Mercadeo, produces award-winning content and resources for IT leaders across any industry through print articles and recorded video interviews on topics in the technology sector such as Digital Transformation, Artificial Intelligence (AI), Machine Learning (ML), Cloud, Robotics, Cyber-security, Data, Analytics, SOC, SASE, among other technology topics.
