US State Department expands security vendor list amid Microsoft hacking issues

Recall AI feature rollout by Microsoft delayed due to security concerns
Recall AI feature rollout by Microsoft delayed due to security concerns

Since China-linked hackers entered the tech giant’s network last year, the US Department of State has collaborated with a number of security businesses in addition to Microsoft, according to a senior official.

Since China-linked hackers breached the tech giant’s network last year, the US Department of State has been working with a variety of security firms in addition to Microsoft (MSFT.O), according to a senior official.

That hack, which stole approximately 60,000 State Department emails, including those of Commerce Secretary Gina Raimondo, was one of the worst in recent years against a federal institution and drew widespread criticism from Microsoft. The Cyber Safety Review Board chastised the corporation last month for a lack of transparency.

“It’s not even that the software they provided me was insecure. On the margins of the RSA Conference in San Francisco on Monday, Kelly Fletcher, the department’s chief information officer, stated that the keys to the kingdom were in the corporate network, which was not secure.

“We’re seeing this sort of across the ecosystem… that these corporate networks are really important,” she stated in a recent interview. “I’m counting on all my vendors, not just Microsoft, not only to sell me software that’s secure, but to have a secure corporate network.”

Microsoft previously stated that Storm-558, a hacking gang, had gotten access to a cryptographic key that allowed it to break into many government inboxes.

The event worsened an already sour US-China relationship, with the Chinese embassy in Washington dismissing claims that Chinese government-linked hackers were responsible.

“Microsoft is unquestionably a significant element of the State Department ecosystem. But they aren’t my only cloud vendor,” Fletcher said, adding that the department will continue to use numerous vendors. She mentioned Palo Alto (PANW.O), Zscaler (ZS.O), and Cisco (CSCO.O), all of which open a new tab.

Microsoft finally revoked the hackers’ access by invalidating the stolen digital key, but Fletcher believes the attack might have had far greater consequences.

“At the time, I didn’t realize they could access anything they wanted in the Microsoft Office 365 environment for almost any organization in the world,” she said, referring to the company’s proprietary software.

According to Fletcher, the department has now introduced a variety of security measures, including multifactor authentication and increased data encryption.

“Four years ago, 5% of our systems had these types of cybersecurity principles. Today, it’s 95%,” she explained.

Microsoft has also received harsh criticism from several of its security industry rivals, particularly since it was revealed this year that hackers linked to Russia’s foreign intelligence penetrated its senior executives’ workplace emails.

Also readPublic transit apps prioritize cybersecurity measures to protect their digital systems and safeguard passenger data, says Narayan Mishra Co-founder & CTO at Tummoc – a public transit app

Do FollowCIO News LinkedIn Account | CIO News Facebook | CIO News Youtube | CIO News Twitter 

About us:

CIO News is the premier platform dedicated to delivering the latest news, updates, and insights from the CIO industry. As a trusted source in the technology and IT sector, we provide a comprehensive resource for executives and professionals seeking to stay informed and ahead of the curve. With a focus on cutting-edge developments and trends, CIO News serves as your go-to destination for staying abreast of the rapidly evolving landscape of technology and IT. Founded in June 2020, CIO News has rapidly evolved with ambitious growth plans to expand globally, targeting markets in the Middle East & Africa, ASEAN, USA, and the UK.

CIO News is a proprietary of Mercadeo Multiventures Pvt Ltd.