Previous Story
Microsoft Corporation to Warn Users of Suspected State-Sponsored Hacks
Posted On Dec 31 2015
Comment: Off
It needed to make a distinction because it was “likely that the attack could be more sophisticated or more sustained than attacks from cybercriminals and others”, wrote Microsoft’s Scott Charney in a blogpost.
It is unclear what happened to the email users and their correspondents as a result of Microsoft’s failure to alert them to the suspected government hacking.
“As the threat landscape has evolved our approach has too, and we’ll now go beyond notification and guidance to specify if we reasonably believe the attacker is “state-sponsored”.” said Microsoft in its statement to Reuters.
Attempts to intercept communications from the email accounts in question began as early as June 2009, two former Microsoft employees allege, but the attacks weren’t discovered until 2011.
Users will be notified if services they access through Microsoft Account logins, including Outlook.com and OneDrive, have been breached by a government organization or hackers working for governments. Microsoft didn’t say that the Hotmail hacking campaign was behind its policy shift and made no mention of Chinese hacking in its announcement.
Charney did not specifically mention the Reuters article in his post, but a Microsoft representative told the news agency that it plans to change its policy to notify email users of state-sponsored attacks.
The software giant announces the change after a similar move was announced by Yahoo recently.
Many diplomats, media workers, human rights lawyers, and others in sensitive positions inside China were targeted in Hotmail attack according to the former employees of Microsoft.
As if it wasn’t bad enough the regular hackers are trying to break into our systems and steal our information, there are also state-sponsored hackers who are out targeting systems as well, although in the case of the latter it is presumably done for the sake of national security and whatnot. Microsoft has issued a statement saying that neither the company nor US Government can specify the sources of hacking attacks, as it came from multiple countries.
Microsoft said the company had believed the password resets would be the fastest way to restore security to the accounts. Five victims interviewed by Reuters said they had not taken the password request as an indication of hacking.
