Recently, the US Department of Homeland Security (DHS) released a scathing report criticizing Microsoft for its inadequate security measures. This allowed Chinese hackers to breach the accounts of key government officials, such as Commerce Secretary Gina Raimondo, Ambassador to China Nicholas Burns, and Rep. Don Bacon (R-NE), who are pivotal in managing the country’s relations with China.
Government inquiries are usually dull, resulting in lackluster reports with feeble recommendations. However, the DHS report, spanning 29 pages, was different. It directly called out Microsoft for its security lapses, highlighting a series of errors that facilitated the successful intrusion. The report emphasized that Microsoft’s security framework was so feeble that it failed to detect the compromise independently, relying on a customer to flag anomalies.
Furthermore, the report accused Microsoft of issuing misleading statements about the attack, claiming to have identified the root cause last fall, despite still being uncertain about the breach’s origins.
Ultimately, the report concluded that Microsoft’s security measures are inadequate and urgently need a revamp.
There is a concerning pattern of foreign entities exploiting Microsoft’s security vulnerabilities to target high-profile government officials and private enterprises. Despite previous breaches, little has changed, raising doubts about whether Microsoft will improve its security protocols. The Chinese hack serves as a stark reminder of the ongoing security risks.
2024-04-12 22:00:03
Article from www.computerworld.com