Homeland Security Blasts Microsoft for Security Failures Amid Chinese Cyber Espionage
April 5, 2024The Department of Homeland Security has issued a critical report on Microsoft for security weaknesses that led to Chinese cyber attacks on U.S. officials' email accounts.
An extensive review by the Cybersecurity Review Board highlighted Microsoft's inadequate corporate security culture and practices as contributing factors to the breach.
Over 500 individuals and 22 organizations, including top government officials, were affected by the Microsoft Exchange Online security incident.
The report urges Microsoft to publicly outline a comprehensive security reform plan with specific timelines for implementation.
Microsoft's public statements about the breach were deemed inaccurate by the review board.
The U.S. government identifies China as the primary cyber espionage threat, with recent indictments against Chinese nationals for long-term hacking efforts.
The report calls for the U.S. government to demand substantial security improvements from Microsoft and for Microsoft to prioritize restoring robust security measures.
Summary based on 11 sources
Get a daily email with more World News stories
Sources
The Hill • Apr 3, 2024
Microsoft could have stopped Chinese cloud email hack: Review panelBleepingComputer • Apr 4, 2024
Microsoft still unsure how hackers stole MSA key in 2023 Exchange attack