Democratic Senator Ron Wyden from the US state of Oregon summed up the questionable business practices of quasi-monopolist Microsoft:
It is about security in cloud services and Chinese hackers who exploited Microsoft vulnerabilities to spy on important US organizations.
The case illustrates the problem that many Microsoft customers, such as human rights groups, were unwilling or financially unable to pay extra for critical security features.
But now the Windows group from Redmond has finally responded and wants to offer the premium features for free – the public pressure was probably simply too much after the most recent serious security incident.
The responsible Microsoft manager Vasu Jakkal was able to announce the good news on Wednesday:
This confirmed a prediction by the US outlet “Cyberscoop”, which specializes in cybersecurity: that under pressure from the US government, Microsoft could change its approach and also make the logging functions available for “lower licenses”.
The responsible US authority, the Cybersecurity and Infrastructure Security Agency (CISA), welcomed the overdue move: access to “important log data” is crucial for Microsoft customers to “quickly fend off” dangerous cyber-attacks.
Security researchers had previously criticized the Windows group’s pricing policy: the company had lowered the security level for all customers to sell “standard” as “premium” and left anyone who couldn’t afford it on their own.
Over the course of a month, between May 15 and June 16, Chinese hackers were able to penetrate the email accounts of US Secretary of Commerce Gina Raimondo and US State Department officials. The attacks came just as Secretary of State Tony Blinken was preparing for a critical trip to China.
And it gets worse: IT security specialists only discovered the attack last week, and only thanks to a premium logging service from Microsoft. Business customers are asked to pay extra for this service. Without it, the hack probably would have gone undiscovered.
High-ranking officials and security researchers were angry that Microsoft products had once again been used in such an attack.
The incident is explosive, or rather awkward for the White House, for another reason: the Biden administration is currently implementing a national cybersecurity strategy presented in March. Its approach: “Secure by Default”.
According to the US government, the transition to cloud-based services should bring security benefits – and at the same time lucrative orders for the technology sector. However, the failure of such a service to stop a sophisticated attack shook the foundations of the new strategy.
It therefore seems logical that Microsoft is now adjusting its pricing policy as of the fall and increasing security for customers without a premium subscription.
To carry out their operation, the Chinese hackers reportedly managed to obtain a so-called signing key and used it to create digital access tokens. In effect, they had a duplicate key.
Such security tokens should allow legitimate users to access cloud services (such as Office 365). How the hackers got the key is a great mystery, say American tech journalists. This is a serious security flaw at Microsoft.
In a company blog post published on July 14, the company commented on the incident, saying that the method by which the hackers obtained the key is “under investigation.”
In a report, the American outlet Cyberscoop pointed to a fundamental security problem: namely the fact that such a key could be used to create fraudulent identities at all. This has left cybersecurity professionals wondering how Microsoft could use such an insecure system.
While many technical details of the Chinese attack remain unclear, researchers are outraged that Microsoft systems have once again been exploited in an attack based on fake authentication tools.
Russian hackers used a similar Microsoft vulnerability in 2021 to penetrate thousands of systems as part of the “SolarWinds” hacking campaign.
The hackers were able to compromise SolarWinds’ IT management software and inject an attack tool (dubbed “Sunburst”). The malware then landed on victims’ systems as a regular update.
Because the update was digitally signed and from a trusted source, the attackers were able to access many high-profile targets and virtually hide in plain sight. According to experts, such supply chain attacks are very difficult to detect.
Microsoft later confirmed that the attackers were able to infiltrate 40 other organizations that were not even SolarWinds customers. The consequences of the cyber attack were enormous. Vulnerabilities in Microsoft and VMware software also gave attackers access to email and other documents.
Finally, heed the warnings from reputable security experts who say that it will remain extremely difficult in the future to prevent “cyber operations” by experienced and well-equipped elite hackers. When a state is willing to spend time and resources hacking into a computer system, defending it is always a huge challenge.
Source: Watson
I’m Ella Sammie, author specializing in the Technology sector. I have been writing for 24 Instatnt News since 2020, and am passionate about staying up to date with the latest developments in this ever-changing industry.