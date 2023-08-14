Countries
Close
English English Portuguese Português (PT/BR) 한국어 Korean 한국어
U.S. Government Initiates Investigation into China’s Microsoft Email Breach
News

U.S. Government Initiates Investigation into China’s Microsoft Email Breach

Krishi Chowdhary Journalist Author expertise
Updated:

U.S. Government Initiates Investigation into Microsoft Email Breach

The U.S. Department of Homeland Security’s Cyber Safety Review Board (CSRB) has announced that it will be investigating the breach of Microsoft Exchange Online by suspected Chinese hackers last July.

This breach exposed vulnerabilities in cloud-based identity and authentication infrastructure.

Naturally, the incident raised concerns over data security, prompting the need for comprehensive scrutiny of the matter. Security experts and lawmakers in the US have applauded the decision to delve into this issue.

It was last Friday that Alejandro Mayorkas, DHS Secretary, announced the review. He emphasized the growing dependence on cloud computing by various organizations. Mayorkas stated,

Organizations of all kinds are increasingly reliant on cloud computing to deliver services to the American people, which makes it imperative that we understand the vulnerabilities of that technology.Alejandro Mayorkas, DHS Secretary

This marks the third investigation conducted by the CSRB. The Board was established in 2021 to review major cybersecurity incidents and draw insights from the same.

Previously, the Board investigated the Log4j vulnerability and the recent attacks by the Lapsus$ hacking group. Although CSRB lacks regulatory or enforcement powers, it has a critical role to play in learning from past cybersecurity breach incidents to make future improvements in defense mechanisms.

China Involved In Infiltrating Government Email Accounts

The breach in question involved China state-backed hackers, who managed to infiltrate government email accounts hosted by Microsoft. The cyberattack victims included officials from the U.S. State Department and the US Commerce Department.

The malicious players exploited a sensitive signing key and a flaw that Microsoft later patched to gain unauthorized access to the accounts. This data breach demonstrates the necessity of rigorous security protocols to secure sensitive information.

Microsoft made logs available to customers at no extra cost to strengthen accountability and detect threats early on.

The intrusion, which began in mid-May, went undetected for over a month. This reveals a delay in identifying and responding to such cyber threats, which were eventually detected by State Department Officials. This raised questions about the effectiveness of existing security measures.

Lawmakers have also voiced their opinions on this matter. Criticizing Microsoft’s cybersecurity practices, Senator Ron Wyden asserted that “lax cybersecurity practices” helped the miscreants carry out the espionage campaign.

Wyden, in a letter to government agencies, demanded an investigation into the incident. He also held Microsoft accountable for the security loophole. Other experts also voiced similar concerns, emphasizing the need for stronger security mechanisms in cloud technologies.

In light of these developments, CISA Director Jen Easterly expressed optimism about the findings of CSRB. She said that the insights from the investigation would play a key role in enhancing cybersecurity measures across both enterprise and government sectors.

Federal Agencies Need More Robust Security Measures

The discovery of the data breach points to the requirement for more robust security measures for federal agencies.

According to the Government Accountability Office, over 880 out of more than 4,000 cybersecurity recommendations to federal agencies are yet to be implemented as of December 2022.

Thus, the authorities need swift and comprehensive actions to protect sensitive information.

The U.S. government aims to understand the vulnerabilities in cloud technologies better as the investigation proceeds. The findings of CSRB revealed some insights which should enable organizations to strengthen their resilience against cybercrime, thereby securing critical data. This proactive approach to cybersecurity is crucial to ensure the security of citizen data as well as government operations.

Krishi Chowdhary Journalist

Krishi Chowdhary Journalist

Krishi is an eager Tech Journalist and content writer for both B2B and B2C, with a focus on making the process of purchasing software easier for businesses and enhancing their online presence and SEO.

Krishi has a special skill set in writing about technology news, creating educational content on customer relationship management (CRM) software, and recommending project management tools that can help small businesses increase their revenue.

Alongside his writing and blogging work, Krishi's other hobbies include studying the financial markets and cricket.

Most Popular News

1 U.S. Government Initiates Investigation into China’s Microsoft Email Breach
2 IBM’s “Brain-Like” Chip Breakthrough to Transform AI Energy Efficiency
3 GitHub Plans to Roll Out Mandatory 2FA to Strengthen Security
4 The Must-know Influencer Marketing Statistics in 2023
5 Future of VR Unveiled at the 50th SIGGRAPH Event

Latest News

IBM's "Brain-Like" Chip to Transform AI Energy Efficiency
News

IBM’s “Brain-Like” Chip Breakthrough to Transform AI Energy Efficiency

Krishi Chowdhary
GitHub's Plan to Roll Out Mandatory 2FA to Strengthen Security
News

GitHub Plans to Roll Out Mandatory 2FA to Strengthen Security

Krishi Chowdhary

GitHub, the leading software development platform, is all set to take a bold step to fortify its user accounts against cyber threats. With vulnerabilities looking menacing within the software development...

Essential Influencer Marketing Statistics 2023
Statistics

The Must-know Influencer Marketing Statistics in 2023

Jeff Beckman

Many people are beginning to buy into the idea of influencer marketing. It is an industry that assists influencers, marketers, and businesses. As per the reports, 21% of brands worldwide...

Future of VR Unveiled at the 50th SIGGRAPH Event
News

Future of VR Unveiled at the 50th SIGGRAPH Event

Krishi Chowdhary
VPN Users Beware: TunnelCrack Vulnerability Pose Privacy Threat
News

VPN Users Beware: TunnelCrack Vulnerabilities Pose Privacy Threat

Krishi Chowdhary
XRP Market Cap Temporarily Skyrockets to Trillions of Dollars On Gemini
Crypto News

XRP Market Cap Temporarily Skyrockets to Trillions of Dollars On Gemini

Damien Fisher
Ripple XRP Lawyer Analyses Options Regarding SEC’s Request for Interlocutory Appeal
Crypto News

Ripple XRP Lawyer Analyses Options Regarding SEC’s Request for Interlocutory Appeal

Damien Fisher

REGULATION & HIGH RISK INVESTMENT WARNING: Trading Forex, CFDs and Cryptocurrencies is highly speculative, carries a level of risk and may not be suitable for all investors. You may lose some or all of your invested capital, therefore you should not speculate with capital that you cannot afford to lose. The content on this site should not be considered investment advice. Investing is speculative. When investing your capital is at risk. Please note that we do receive advertising fees for directing users to open an account with the brokers/advertisers and/or for driving traffic to the advertiser website

© Copyright 2023 Techreport. All Rights Reserved.