Share this article
Latest news
With KB5043178 to Release Preview Channel, Microsoft advises Windows 11 users to plug in when the battery is low
Copilot in Outlook will generate personalized themes for you to customize the app
Microsoft will raise the price of its 365 Suite to include AI capabilities
Death Stranding Director’s Cut is now Xbox X|S at a huge discount
Outlook will let users create custom account icons so they can tell their accounts apart easier
CSRB accuses Microsoft of neglecting its security systems
The Storm-0558 group stole 60,000 emails from the US State Department
3 min. read
Published onApril 3, 2024
published onApril 3, 2024
Share this article
Read our disclosure page to find out how can you help Windows Report sustain the editorial teamRead more
The US government’s Cybersecurity and Infrastructure Security Agency’s (CISA’s) Cyber Safety Review Board (CSRB)reviewed the June 2023attack on Microsoft’s Exchange Online hosted email service. The board decided that the attack conducted by theChina-related Storm-0558was preventable. Thus, the CSRB blames Microsoft for having a weak information-spreading security culture. In addition, they claim that the company uses inadequate cloud security measures.
During the June 2023 attack on Microsoft, hackers compromised the accounts of several senior US officials. As a result, according toThe Register, the CSRB wants the tech giant to review their security systems and the cause of the breach.
CSRB recommendations to Microsoft
The first recommendation from the CSRB is that the CEO and the board of directors directly focus on the security vulnerabilities of their system. On top of that, they should develop and share publicly a plan for security-focused reforms. Also, they mention that the CEO of Microsoft should hold the senior management accountable for its delivery.
Another suggestion from the CSRB to Microsoft is to move security to the top of their priorities. Additionally, they want the company to put new features on hold until they fix the vulnerabilities. Moreover, the Cyber Safety Review Board wants Microsoft to analyze security risks before deploying new features.
What happened during the June 2023 attack on Microsoft services?
According to the CRSB, the attacks from June 2023 targeted the Microsoft Services Account (MSA). The MSA manages accounts in the cloud services for users. However, the feature lacked a proper key rotation system that should change digital keys regularly to prevent unauthorized access to cloud accounts.
Microsoft used to manage this feature manually, but they stopped in 2021. Also, between 2021 and 2023, when the attack happened, the company didn’t take any additional measures regarding the outdated digital keys. As a result, the keys became a security gap that allowed hackers to break in. That’s one of the reasons why CSRB believes that Microsoft could’ve prevented the attack.
The China-relatedStorm-0558group used this opportunity to access the system with an outdated key from 2016. With it, they managed to steal data from consumer accounts and tokens to access enterprise accounts. By doing this, they stole 60,000 emails and a list of employee email addresses from theUS State Department. On top of that, some of the emails contained diplomatic discussions.
Microsoft didn’t handle the situation with transparency. Thus, they didn’t share howthreat actorsstole the key. In addition, they blamed the whole incident on a crash dump file stored by mistake in an unsecured environment. However, in 2024, the company admitted that they couldn’t find any evidence to their claims.
Ultimately, CSRB holds Microsoft accountable for not prioritizing security systems. Also, its competitors are handling security vulnerabilities better and with more responsibility. On top of that, the board considers Microsoft’s security infrastructure outdated. CSRB blames the company’s focus on flashy features like AI. Additionally, the board says the company forgot its core values from its founding CEO, Bill Gates.
What are your thoughts? Is Microsoft bringing way too many features without proper security measures? Let us know in the comments.
More about the topics:Cybersecurity,microsoft
Sebastian Filipoiu
Sebastian is a content writer with a desire to learn everything new about AI and gaming. So, he spends his time writing prompts on various LLMs to understand them better. Additionally, Sebastian has experience fixing performance-related problems in video games and knows his way around Windows. Also, he is interested in anything related to quantum technology and becomes a research freak when he wants to learn more.
User forum
0 messages
Sort by:LatestOldestMost Votes
Comment*
Name*
Email*
Commenting as.Not you?
Save information for future comments
Comment
Δ
Sebastian Filipoiu
Sebastian is a content writer with a desire to learn everything new about AI and gaming.
