US cyber body to review cloud computing safety, Microsoft breach

Send a link to a friend  Share

[August 12, 2023]   WASHINGTON (Reuters) -A U.S. cyber safety body will review issues relating to cloud-based identity and authentication infrastructure that will include an assessment of a recent Microsoft breach that led to the theft of emails from U.S. government agencies, the Department of Homeland Security (DHS) said on Friday.

A man types into a keyboard during the Def Con hacker convention in Las Vegas, Nevada, U.S. on July 29, 2017. REUTERS/Steve Marcus/File Photo

The review by the Cyber Safety Review Board will look at the malicious targeting of cloud computing environments, the DHS said in a statement.

"Organizations of all kinds are increasingly reliant on cloud computing to deliver services to the American people, which makes it imperative that we understand the vulnerabilities of that technology," DHS Secretary Alejandro Mayorkas said in the statement.

The review comes after U.S. Senator Ron Wyden in July asked the Federal Trade Commission, the Cybersecurity and Infrastructure Security Agency and the Justice Department to "take action" against Microsoft following the hack.

Microsoft has been under increasing scrutiny following revelations that hackers allegedly operating on Beijing's behalf got hold of one of its cryptographic keys and took advantage of a coding flaw to gain sweeping access to the company's cloud email platform.

The Cyber Safety Review Board's review will provide recommendations to help organizations protect against malicious access to cloud-based accounts , DHS said.

(Reporting by Jasper Ward in Washington and Ismail Shakil in Ottawa; editing by Jonathan Oatis)

[© 2023 Thomson Reuters. All rights reserved.]

Copyright 2022 Reuters. All rights reserved. This material may not be published, broadcast, rewritten or redistributed.  Thompson Reuters is solely responsible for this content.

 

 

Back to top