How Chinese, Russian hackings ‘forced’ Microsoft to “step back for a moment” – Times of India

Microsoft, which has been criticised for its ‘inability’ to stop hackers tied to the Chinese government targeting US departments, is reportedly working on its “most ambitious security overhaul in two decades.” The Windows maker, which is the world’s largest seller of cybersecurity products, has been called on by the authors of a report by the US Cyber Safety Review Board to institute urgent reforms.

Hackings on US government’s digital infrastructure

The US government has deployed Microsoft’s products to thwart all foreign government hacking attempts. Microsoft’s cybersecurity operation generates more than $20 billion in sales per year and has been among the company’s fastest growing sources of revenue, a report by Bloomberg said. It added that several of the anti-hacking tools are sold as a bundle with Microsoft’s software.
“It [Microsoft] is a critical partner in the government’s cyberdefense initiatives, with almost unparalleled insights about hackers’ activities and sweeping capabilities to disrupt their operations,” the report said, pointing out that a number of high-profile hacks prompted policymakers, security experts and competitors to criticise the company for its failure to curb those attacks.
Since 2021, government-backed hackers have targeted Microsoft products and its customers.
2021: Chinese hackers exploited vulnerabilities in Microsoft’s email servers, compromising customer accounts. They then publicly disclosed the flaws, leading to further attacks.
2023: Chinese hackers breached email accounts of 22 US federal agencies, including those of officials involved in China policy.
March 2024: Microsoft revealed Russian hackers used a basic method to access emails of executives, security specialists, and lawyers. The attackers also obtained some source code and confidential communications.
April 2024: Cybersecurity officials confirmed compromised emails included US federal agencies. An emergency warning urged affected agencies to check for attempts by Russian hackers to use stolen login credentials.

Steps that Microsoft will take to strengthen its systems

Microsoft’s security chief Charlie Bell said that hackers are “incredibly good at collecting data over time, gathering and gathering more and more momentum and then figuring out how to keep parlaying that into more and more success.”
He said that a number of cases prompted the company executives to say: “Well, let’s step back for a moment.” This reportedly resulted in the Secure Future Initiative, a company-wide security reboot that aims to better position Microsoft to combat current threats as well as future ones that may be powered by AI.
Among other steps, Microsoft reportedly says it will move faster to address cloud vulnerabilities, make it harder for hackers to steal credentials and automatically enforce multi-factor authentication for employees.
Microsoft said that it will leverage AI and automation to enhance software security, and prioritise using programming languages considered more secure. Additionally, Microsoft will bolster security protocols to make it more difficult for attackers to exploit stolen credentials or access tools for data theft. The company also aims for a 50% faster response time to mitigate vulnerabilities, particularly in cloud-based systems.
Microsoft is planning to remove old or unused accounts, as well as applications that are no longer supported by software updates or that do not meet new security standards. The company removed over 1.7 million inactive accounts and 730,000 outdated or non-compliant applications.
Microsoft has enforced MFA on over 1 million internal accounts across development, testing, demos, and production environments. New digital IDs for employees and vendors now require video calls with managers and the issuance of short-lived credentials for new hires and vendors. These measures aim to make impersonation and ID theft more difficult.
