Microsoft's Information Security Culture, Cloud Vulnerabilities To Blame For 2023 China-Linked Cyberattack, Says Federal Agency

Zinger Key Points
  • CSRB report highlights Microsoft's security lapses led to a major 2023 cyberattack compromising US officials' accounts.
  • Chinese-linked group exploited outdated Microsoft key rotation practices to breach high-profile email accounts.
  • Microsoft under pressure to enhance cybersecurity as government report calls for top-level oversight of security measures.

The Cyber Safety Review Board (CSRB) of the Cybersecurity and Infrastructure Security Agency has found that Microsoft Corporation MSFT had security lapses that paved the way for a 2023 cyberattack. This incident resulted in the compromise of high-ranking US officials’ accounts.

What Happened: According to the CSRB report, a group with links to China, identified as “Storm-0558”, took advantage of inadequacies in Microsoft’s cloud security and infosec culture. This led to a breach of its Exchange Online hosted email service in June 2023. Following this, Microsoft and the federal government continued investigating the hack and understanding its full impact.

The report highlighted Microsoft’s key rotation practices for securing the Microsoft Services Account (MSA), which didn’t include an automatic signing of key rotation or deactivation process. The outdated system, launched during the early 2000s, proved ineffective when Microsoft stopped manually managing keys in 2021 after a major cloud outage.

See Also: Mark Cuban Jokes Zuckerberg Was ‘Just Trying To Get Laid’ As He Reveals The Secrets To Becoming A Billionaire

Storm-0558 exploited an old key from 2016 to access Microsoft’s public-facing Outlook Web Access. Owing to a system glitch, the group could use the key to break into enterprise email accounts, leading to the theft of nearly 60,000 emails from the US State Department, including sensitive diplomatic conversations and a list of employee emails.

According to the CSRB, Microsoft “did not accord security risk management the priority it deserved given the threat and the critical importance of Microsoft technology to more than one billion global customers.” It was stressed that the company’s “Secure Future Initiative” requires supervision from its top brass.

Why It Matters: Earlier in July 2023, Microsoft disclosed that Storm-0558 had breached email accounts connected to Western European government agencies, raising cybersecurity concerns. Later, Sen. Ron Wyden (D-Ore.) accused Microsoft of negligence in its cybersecurity practices and urged the Justice Department to hold the company accountable.

Read Next: Tesla CEO Elon Musk Reacts To Apple Co-Founder Steve Jobs On Finding Top Talent: ‘You Build Up These Pockets Of ‘A’ Players And It Propagates’


Engineered by Benzinga Neuro, Edited by Sudhanshu Singh


The GPT-4-based Benzinga Neuro content generation system exploits the extensive Benzinga Ecosystem, including native data, APIs, and more to create comprehensive and timely stories for you. Learn more.


Market News and Data brought to you by Benzinga APIs
Comments
Loading...
Posted In: NewsTechConsumer TechcyberattackMicrosoftSudhanshu Singh
Benzinga simplifies the market for smarter investing

Trade confidently with insights and alerts from analyst ratings, free reports and breaking news that affects the stocks you care about.

Join Now: Free!