The Schwartz Report

Microsoft To Notify Targets of State-Sponsored Cyberattacks

Microsoft will inform customers of its online and cloud accounts when they are compromised or targeted by representatives of nation states, the company announced late last week. The company revealed its decision to notify Microsoft Account holders of state-sponsored attacks Dec. 30, in the wake of several other leading providers doing so, including Facebook, Twitter and Yahoo.

The announcement came following a report by Reuters that 1,000 Hotmail accounts were compromised in 2011 by representatives of the Chinese government. The accounts were used by Uighur and Tibetan leaders and diplomats from Japan and Africa, along with human rights lawyers and others, according to two former Microsoft employees who weren't identified by Reuters. Microsoft spokesman Frank Shaw told the news service it had never confirmed the origin of those attacks. The report revealed that Microsoft hadn't informed the Hotmail users that their messages were collected.

All Microsoft Accounts, including Outlook.com (aka Hotmail) and OneDrive, are covered by the new disclosure policy, said Scott Charney, corporate VP of Trustworthy Computing, in a blog post announcing it.

"We're taking this additional step of specifically letting you know if we have evidence that the attacker may be 'state-sponsored' because it is likely that the attack could be more sophisticated or more sustained than attacks from cybercriminals and others," Charney wrote. "These notifications do not mean that Microsoft's own systems have in any way been compromised. If you receive one of these notifications it doesn't necessarily mean that your account has been compromised, but it does mean we have evidence your account has been targeted, and it's very important you take additional measures to keep your account secure."

Charney noted that Microsoft doesn't plan to disclose details about the attackers or their methods, given that the evidence collected could be sensitive. "But when the evidence reasonably suggests the attacker is 'state sponsored,' we will say so," according to Charney.

Charney advised that customers can protect themselves by using two-step verification, watching for suspicious activity, refraining from opening suspicious e-mails or visiting questionable Web sites, using strong passwords, and keeping software updated and patched.

Posted by Jeffrey Schwartz on 01/05/2016 at 11:58 AM

