Microsoft to Inform Users of State-Sponsored Email Attacks
According to Reuters, Microsoft will now be notifying email users of hacks of their accounts if they discover that it could be a state-sponsored hacking. This comes as a result of an attack of China Tibetan and Uighur minorities who had their accounts hacked by China’s state government in order to spy on activities. Per Reuters, “two former employees of Microsoft, the company’s own experts had concluded several years ago that Chinese authorities had been behind the campaign but the company did not pass on that information to users of its Hotmail service, which is now called Outlook.com.” This hacking of Tibetan and Uighur groups was initially covered up by Microsoft as per Quartz.
China has come out stating in a release that “The Chinese government “is a resolute defender of cyber security and strongly opposes any forms of cyberattacks”, Chinese Foreign Ministry spokesman Lu Kang said in response to questions about the attack, adding that it punishes any offenders in accordance with the law.”
“I must say that if the relevant party has some real and conclusive evidence, then it can carry out mutually beneficial cooperation with China in a constructive way in accordance with the existing channels,” Lu said at a daily news briefing.” And further went on to state that “But if there’s the frequent spreading of unfounded rumors, it will, in fact, be of no benefit to solving the problem, enhancing mutual trust and promoting cybersecurity.”
This comes on the heels of Twitter, Facebook, and Yahoo announcing similar measures to combat state-sponsored attacks. Microsoft in statement said, “As the threat landscape has evolved our approach has too, and we’ll now go beyond notification and guidance to specify if we reasonably believe the attacker is ‘state-sponsored’.” Interestingly enough, we wonder how this will effect NSA and US government spying on potential terrorist suspects. If Microsoft and others are going to pledge to notify customers of hacks of their email by state-sponsored actors, then how will this effect governments attacks on personal email accounts?
Here are some of our blog posts to read in the meantime:
Potential Amazon Password Leak
Top 5 Cybersecurity Threats in 2015
Top 5 Cybersecurity Myths that May Surprise You
Microsoft State of Security Address Experian (includes T-Mobile)
Tesla and Chrysler (unrelated to each other)
Apple App Store
U.S. Office of Personnel Management (OPM)
Kaspersky & FireEye (unrelated to each other)
Excellus Blue Cross Blue Shield
Ashley Madison (follow up)
Thanks for stopping by and reading our blog. We would appreciate if you could subscribe (assuming you like what you read; we think you will). This is meant to be informative and to provide value to anyone who reads this – regardless of their knowledge and/or understanding of IT/Cybersecurity. To learn more about us, check out our “About Us” page.
Be sure to subscribe to this blog and to our Podcast.
If you have ANY Cybersecurity needs, please contact us and a member of our staff with promptly reply to your question or concern.