US blames Microsoft for “cascade of errors” in Chinese hacking – El Sol de México

A hard US government report found that an intrusion into Microsoft servers by a Chinese hacking groupwhich breached the emails of several senior Washington officials, was due to a “cascade of avoidable errors” by the Silicon Valley tech giant.

The Cyber ​​Security Review Board (CSRB), led by the US Department of Homeland Security, carried out an investigation that lasted seven months to resolve the incident involving Storm-0558, a cyberespionage agent linked to China.

That act of hacking, which was first discovered by the United States Department of State in June 2023, included attacks on official and also personal email addresses of the Secretary of Commerce, Gina Raimondo, as well as the US ambassador to China, Nicholas Burns.

The report, released Monday, criticized a Microsoft corporate culture “at odds with the company’s centrality in the technology ecosystem and the level of trust that customers place in the company.”

Microsoft’s core business is providing cloud computing services, such as Azure or Office360, that host sensitive data and power business and government operations across major sectors of the economy.

“Cloud computing is one of the most critical infrastructures we have, hosting sensitive data and powering business operations across our economy,” said CSRB Chairman Robert Silvers.

“It is imperative that cloud service providers prioritize security and build it in by design,” he added.

➡️ Join the El Sol de México channel on WhatsApp so you don’t miss the most important information

The investigation identified a series of operational and strategic decisions by Microsoft that opened the door to virtual intrusion, including the failure to identify a new employee’s compromised laptop following a corporate acquisition in 2021.

It also found that Microsoft failed to meet security standards seen at competing cloud companies, including Google, Amazon and Oracle.

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button