|
The board said in its report that it identified a series of
decisions taken by Microsoft that had decreased enterprise
security, risk management and trust from the customers to
protect their data and operations.
The intrusion, which stemmed from the compromise of a Microsoft
engineer's corporate account, was done by Storm-0558, a hacking
group affiliated with the People's Republic of China.
"While no organization is immune to cyberattack from
well-resourced adversaries, we have mobilized our engineering
teams to identify and mitigate legacy infrastructure, improve
processes, and enforce security benchmarks," Microsoft said.
"Our security engineers continue to harden all our systems
against attack and implement even more robust sensors and logs
to help us detect and repel the cyber-armies of our adversaries.
We will also review the final report for additional
recommendations."
The board recommended Microsoft to develop and make
security-focused reforms across all its products.
Last year, the technology giant said the intrusion of senior
officials at the U.S. State and Commerce departments was done by
Storm-0558, which is alleged to have stolen hundreds of
thousands of emails from top American officials including
Commerce Secretary Gina Raimondo, U.S. Ambassador to China
Nicholas Burns and Assistant Secretary of State for East Asia
Daniel Kritenbrink.
(Reporting by Mehnaz Yasmin and Harshita Meenaktshi in Bengaluru;
Editing by Maju Samuel and Sherry Jacob-Phillips)
[© 2024 Thomson Reuters. All rights
reserved.]
Copyright 2022 Reuters. All rights reserved. This material may
not be published, broadcast, rewritten or redistributed.
Thompson Reuters is solely responsible for this content.
|
|
