What you need to know
- A group of suspected Chinese hackers breached Microsoft email accounts belonging to two dozen government agencies in July, though the issue has been mitigated.
- A cybersecurity advisory panel commissioned by U.S. President Biden's administration, dubbed the Cyber Safety Review Board, has launched an investigation into the risks of cloud computing.
- The panel's investigation will also look into Microsoft.
- Senator Ron Wyden penned a letter on July 27 requesting the board to look into the attack and cited that there was more to the story than Microsoft was letting on.
In July, a group of suspected Chinese hackers compromised Microsoft email accounts belonging to two dozen government agencies, including State Department officials and Commerce Secretary Gina Raimondo. And while the issue has since been fixed by Microsoft's cybersecurity teams, reports indicate that the hackers had access to government systems from as early as May, as reported by CNBC.
And now, a U.S. cybersecurity advisory panel commissioned by President Biden's administration has launched an investigation into the risks of cloud computing, as spotted by Bloomberg. As highlighted by the Homeland Security Department, the Cyber Safety Review Board is in place to look into major cybersecurity events, including cloud computing, identity and authentication management, and more.
According to sources (that opted to remain anonymous), the panel's investigation scope will also include Microsoft. Homeland security officials have also shown great concern after learning about the breach and have played a great role in getting the advisory panel to investigate the matter. This is because cloud computing is important because many people rely on its services and use it to run critical systems for Americans.
Senator Ron Wyden penned a letter on July 27 to the board, requesting it to investigate the suspected Chinese attack on Microsoft with the aim of pinpointing whether the company had a hand in cybersecurity malpractice.
According to the Senator:
"Government emails were stolen because Microsoft committed another error. Microsoft should not have had a single skeleton key that, when inevitably stolen, could be used to forge access to different customers’ private communications."
Microsoft under scrutiny
Reports indicate that the suspected Chinese hackers had access to government systems since May. And while the issue was quickly resolved once the Department of State detected suspicious activities, it's unclear if the threat actors collected any information while accessing these systems.
The group of hackers, called Storm-0558 by Microsoft, managed to tap into Microsoft-powered email accounts and personal accounts belonging to agencies. Microsoft has been in the spotlight in regard to how it handles cybersecurity threats. Tenable CEO Amit Yoran has particularly been vocal about it citing its lack of transparency when it comes to security breaches and security practices.
Recently, we've seen hacker groups leveraging sophisticated techniques to dupe unsuspecting users into granting them access to their private and confidential information. For instance, the recent attack on Microsoft Teams, where Russian hackers impacted less than 40 unique organizations by leveraging previously compromised Microsoft 365 tenants belonging to small business owners.
Admittedly, Microsoft quickly resolves these issues, but it's impossible to tell the impact of these attacks. We'll have to wait for the advisory panel to share its findings to understand what's happening.
