DHS report rips Microsoft for ‘cascade’ of errors in China hack

..  e così si viene a sapere da un rapporto investigativo del governo USA che la posta elettronica di agenzie USA (ed almeno 22 organizzazioni e 500 individui in giro per il mondo), gestita da Microsoft è stata violata da hacker dei servizi segreti cinesi … e non si sa ancora come.

Interessante, considerando che a varie riprese la posta elettronica di importanti ministeri in Italia, università, ecc. è stata di recente migrata a Microsoft.

Chissà quale sarà la nostra reazione. Forse spallucce pensando “chi vuoi che sia interessato a spiare noi?”

Source: The Washington Post

The Cyber Safety Review Board’s report, a copy of which The Post obtained before its official release, takes aim at shoddy cybersecurity practices, lax corporate culture and a deliberate lack of transparency over what Microsoft knew about the origins of the breach. It is a blistering indictment of a tech titan whose cloud infrastructure is widely used by consumers and governments around the world.

The intrusion, which ransacked the Microsoft Exchange Online mailboxes of 22 organizations and more than 500 individuals around the world, was “preventable” and “should never have occurred,” the report concludes.

Perhaps most concerning, the board report makes clear, Microsoft still does not know how the Chinese carried out the attack.

In a statement to The Post, Microsoft said it appreciated the board’s work.

U.S. intelligence agencies say the breach, discovered in June, was carried out on behalf of Beijing’s top spy service, the Ministry of State Security (MSS). The service runs a vast hacking operation that includes the group that carried out the intrusion campaign dubbed Operation Aurora, which was first publicly disclosed in 2010 by Google.

The 2023 Microsoft intrusions exploited security gaps in the company’s cloud, allowing MSS hackers to forge credentials that enabled them to siphon emails from Cabinet officials such as Raimondo, as well as Nicholas Burns, the U.S. ambassador to China, and other top State Department officials.

Continua qui: DHS report rips Microsoft for ‘cascade’ of errors in China hack – The Washington Post

If you like this post, please consider sharing it.

Leave a Comment

Your email address will not be published. Required fields are marked *