China Spy Hack on US Officials Triggers Investigations: Microsoft's Security Practices Under Fire as Demands for Transparency Grow

Comments
Loading...

Microsoft Corp MSFT is amid intense scrutiny and accusations of sloppy security over a hack that let China spy on top Biden administration officials, with security researchers suggesting the breach may be worse than initially thought.

The Chinese hack disclosed recently, compromised the unclassified Microsoft email inboxes of senior State Department officials, Commerce Secretary Gina Raimondo, and others.

Also Read: Microsoft Faces EU Antitrust Investigation Over Unfair Competition Concerns with Teams and Office Software Bundling

Sen. Ron Wyden (D-Ore.) requested three separate federal probes of Microsoft's "negligent cybersecurity practices" that allegedly enabled the Chinese espionage campaign against the U.S. government, the Wall Street Journal reports.

Microsoft said the hackers gained access to a critical part of its infrastructure called an MSA digital signing key, which they misused to access customer data. The company provides free tools to help trace cyberattacks after facing flak for its payment system.

Researchers at Wiz reported that the stolen digital key issued in 2016 remained active for weeks after the attack came to light, allowing hackers to access government and corporate accounts.

Wyden and security experts questioned Microsoft's practices, including using the same MSA key for years, in breach of federal guidelines and best practices.

Lawmakers and cybersecurity experts seek more transparency from Microsoft to determine the extent of the damage and prevent similar incidents.

Wyden requested investigations by the Justice Department, the FTC, and the Cyber Safety Review Board to hold Microsoft accountable for its negligence and review its security shortfalls.

The hack affects more than two dozen organizations globally, with fewer than ten organizations compromised in the U.S., primarily targeted at individuals with high intelligence value communications.

The U.S. has not formally linked the attack to China, but officials and lawmakers have attributed it to a Chinese hacking group, which China denies.

Price Action: MSFT shares traded higher by 0.80% at $333.35 premarket on the last check Friday.

Photo by Darwin Laganzon via Pixabay

Disclaimer: This content was partially produced with the help of AI tools and was reviewed and published by Benzinga editors.

Overview Rating:
Good
62.5%
Technicals Analysis
100
0100
Financials Analysis
40
0100
Overview
Market News and Data brought to you by Benzinga APIs

Posted In:
Benzinga simplifies the market for smarter investing

Trade confidently with insights and alerts from analyst ratings, free reports and breaking news that affects the stocks you care about.

Join Now: Free!