Tuesday, April 30, 2024

Vogon Today

Selected News from the Galaxy

StartMag

Cybersecurity problem for Microsoft?

2 weeks ago babelfish

Cybersecurity problem for Microsoft?

Microsoft's recent cybersecurity failures come just as the American tech giant said Chinese state-backed hackers are increasing their use of artificial intelligence to spread disinformation to meddle in foreign elections

Microsoft, the world's largest seller of cybersecurity products, has a problem with its cybersecurity.

This is what Bloomberg found when it interviewed the company's head of security Charlie Bell.

So much so that Microsoft has recently found itself facing increasing scrutiny from the US government over its internal security practices.

In November 2023, the tech giant led by Satya Nadella launched a security initiative called “Secure Future Initiative” following a series of cybersecurity breaches linked to foreign governments. In fact, last May, Chinese-backed hackers accessed customers' emails. Then, in the summer of 2023, the Russia-linked group Anonymous Sudan stole the data of 30 million customers, Quartz recalls.

Earlier this month, a high-profile US Cyber ​​Safety Review Board released a scathing report calling out Microsoft for “avoidable errors” that allowed Chinese government hackers to infiltrate a Microsoft 365 cloud environment and steal emails from senior government officials, Axios reports.

Not forgetting that on April 2, the US Cybersecurity and Infrastructure Security Agency (Cisa) said that Moscow-backed hackers used an access to Microsoft to steal correspondence between officials.

All the details.

MICROSOFT GROUND ZERO FOR HACKERS

Microsoft is “ground zero” for foreign-backed hackers. This was stated by Charlie Bell, executive vice president of security at Microsoft, interviewed by Bloomberg .

“It's very difficult to defend yourself,” the top Microsoft executive added of cyber attackers. “They're incredibly good at collecting data over time, gathering and gathering more and more momentum, and then figuring out how to continue to leverage that to become more and more successful,” he told Bloomberg .

THE MOVES OF BIG TECH

Bloomberg 's report highlighted how Microsoft has implemented its security revamp so far. It has removed 1.7 million “identities” linked to old accounts and more than 700,000 outdated apps, and is further strengthening multi-factor authentication for more than 1 million accounts. The company is also taking steps to make it harder for hackers to steal Microsoft employee IDs.

The result, announced in November, is the Secure Future Initiative, an enterprise-wide security reboot that executives say will better position Microsoft to combat current threats and future threats that could be enhanced by artificial intelligence. The initiative is led by Bret Arsenault, vice president and chief cybersecurity consultant, who served as Microsoft's chief cybersecurity officer for 14 years.

Asked by Bloomberg why the company didn't address cyber issues sooner, Bell said the emergence of artificial intelligence and current hacking trends are among the reasons for a more comprehensive security review.

THE COMPUTER PROBLEMS CONTINUE

However, despite the launch of Microsoft's initiative, successful attacks by hackers continue.

Earlier this year, Microsoft revealed that the Midnight Blizzard hacker group had accessed its executives' emails. In a blog post , Microsoft said the intrusion began in late November and was discovered on January 12. According to the company, the cyber attackers are the same ones behind the SolarWinds attacks in 2020.

THE CYBER SAFETY REVIEW BOARD USA ATTACK

Earlier this month a scathing report from the US Cyber ​​Safety Review Board (CSRB) said the Midnight Blizzard breach was down to a “cascade of security failures”.

The CSRB said in its report that Microsoft's “security culture was inadequate and requires review, especially given the company's centrality to the technology ecosystem and the level of trust customers place in the company to protect their data and its operations,” Quartz reports again.

THE CISA ALARM

Finally, in a document dated April 2, the US Cybersecurity and Infrastructure Security Agency (Cisa) said that Russian government-backed hackers used an access to Microsoft to steal correspondence between officials. Reuters reports it.

The agency warned that hackers were exploiting authentication details shared via email to try to break into the systems of Microsoft customers, including those of an unspecified number of government agencies.

Therefore Cisa published an "emergency directive". This orders civilian agencies potentially affected by the hacking campaign to strengthen their defenses. The agency described the potential exposure of login credentials as an “unacceptable risk to agencies.” “Other organizations may also be affected by Microsoft's corporate email exfiltration,” Cisa added, encouraging customers to contact Microsoft for further details.

THE ALERT LAUNCHED BY THE US IT GIANT

These reports come in the wake of Microsoft's warning about Beijing's use of artificial intelligence to create disinformation campaigns and influence foreign elections.

On April 5, Microsoft Threat Intelligence released a report saying China will “at a minimum create and amplify AI-generated content to benefit their positions” ahead of high-profile elections in the United States, South Korea and in India.

The company's team of experts discovered that an online operation supported by the Chinese Communist Party. Known as “Spamouflage” or “Dragonbridge,” the campaign began using artificial intelligence in an attempt to influence public opinion in Taiwan and Canada.

This is a machine translation from Italian language of a post published on Start Magazine at the URL https://www.startmag.it/cybersecurity/problema-cybersecurity-per-microsoft/ on Tue, 16 Apr 2024 13:36:02 +0000.