Cyber board says Chinese hack of US officials was 'preventable'

Send a link to a friend  Share

[April 03, 2024]  (Reuters) -The U.S. Cyber Safety Review Board said on Tuesday a targeted Chinese hack of top government officials' emails last year was "preventable", faulting technology giant Microsoft for its cybersecurity lapses and a deliberate lack of transparency.  

A view shows a Microsoft logo at Microsoft offices in Issy-les-Moulineaux near Paris, France, March 25, 2024. REUTERS/Gonzalo Fuentes/File Photo

The board said in its report that it identified a series of decisions taken by Microsoft that had decreased enterprise security, risk management and trust from the customers to protect their data and operations.

The intrusion, which stemmed from the compromise of a Microsoft engineer's corporate account, was done by Storm-0558, a hacking group affiliated with the People's Republic of China.

"While no organization is immune to cyberattack from well-resourced adversaries, we have mobilized our engineering teams to identify and mitigate legacy infrastructure, improve processes, and enforce security benchmarks," Microsoft said.

"Our security engineers continue to harden all our systems against attack and implement even more robust sensors and logs to help us detect and repel the cyber-armies of our adversaries. We will also review the final report for additional recommendations."

The board recommended Microsoft to develop and make security-focused reforms across all its products.

Last year, the technology giant said the intrusion of senior officials at the U.S. State and Commerce departments was done by Storm-0558, which is alleged to have stolen hundreds of thousands of emails from top American officials including Commerce Secretary Gina Raimondo, U.S. Ambassador to China Nicholas Burns and Assistant Secretary of State for East Asia Daniel Kritenbrink.

(Reporting by Mehnaz Yasmin and Harshita Meenaktshi in Bengaluru; Editing by Maju Samuel and Sherry Jacob-Phillips)

[© 2024 Thomson Reuters. All rights reserved.]

Copyright 2022 Reuters. All rights reserved. This material may not be published, broadcast, rewritten or redistributed.  Thompson Reuters is solely responsible for this content.

 

 

Back to top