What Microsoft Staff/GitHub/systemd Hopes to Distract From This Week
-
VOA News ☛ Scathing federal report rips Microsoft for response to Chinese hack [Ed: Microsoft hopes to distract from it]
It concluded that "Microsoft's security culture was inadequate and requires an overhaul" given the company's ubiquity and critical role in the global technology ecosystem. Microsoft products "underpin essential services that support national security, the foundations of our economy, and public health and safety."
The panel said the intrusion, discovered in June by the State Department and dating to May, "was preventable and should never have occurred," and it blamed its success on "a cascade of avoidable errors." What's more, the board said, Microsoft still doesn't know how the hackers got in.
-
Gizmodo ☛ Microsoft’s Shoddy Security Exposed US Official Emails in Chinese Hack
“It is imperative that cloud service providers prioritize security and build it in by design,” said the Cyber Safety Review Board Chair Robert Silvers in a press release.
-
Quartz ☛ DHS blames Microsoft's 'culture' for 'preventable' hack in scathing report
Microsoft maintains it doesn’t know how or when the hackers obtained the key. In a blog post updated last month, Microsoft said its “leading hypothesis remains that operational errors resulted in key material leaving the secure token signing environment that was subsequently accessed in a debugging environment via a compromised engineering account.” It previously said in September that Storm-0558 may have accessed the key from a crash dump in 2021, but that it had not found a crash dump with the key material. The CSRB said in its report Microsoft’s original blog post was “inaccurate,” and that it wasn’t updated until March 12 “as the Board was concluding its review and only after the Board’s repeated questioning about Microsoft’s plans to issue a correction.”
-
DHS ☛ Cyber Safety Review Board Releases Report on Microsoft Online Exchange Incident from Summer 2023
In August 2023, DHS announced that the CSRB would assess the recent Microsoft Exchange Online intrusion, initially reported in July 2023, and conduct a broader review of issues relating to cloud-based identity and authentication infrastructure affecting applicable cloud service providers (CSP) and their customers. The CSRB obtained data from and conducted interviews with 20 organizations and experts including cybersecurity companies, technology companies, law enforcement organizations, security researchers, academics, as well as several impacted organizations.
The inclusive review process developed actionable findings and recommendations. As a result of the CSRB’s recommendations, CISA plans to convene major CSPs to develop cloud security practices aligned with the CSRB recommendations and a process for CSPs to regularly attest and demonstrate alignment.
-
The Register UK ☛ Microsoft slammed for lax infosec that led to Exchange crack
A review of the June 2023 attack on Microsoft's Exchange Online hosted email service – which saw accounts used by senior US officials compromised by a China-linked group called "Storm-0558" – has found that the incident would have been preventable save for Microsoft's lax infosec culture and sub-par cloud security precautions.
The review, conducted by the US government's Cybersecurity and Infrastructure Security Agency's Cyber Safety Review Board (CSRB), calls for "rapid cultural change" at Microsoft. Among the Board's recommendations: [...]
-
The Record ☛ DHS blames ‘cascade of security failures at Microsoft’ for China hack on US government
Microsoft still does not have a full understanding of how alleged Chinese government hackers breached its systems and accessed the emails of senior U.S. government leaders, according to a review by the Department of Homeland Security.
In a 34-page report conducted by the Cyber Safety Review Board (CSRB), U.S. officials concluded that Chinese hackers, known as Storm-0558, were able to succeed “because of a cascade of security failures at Microsoft.” The CSRB report, which was dated March 20 and released publicly on Tuesday, was shared with President Joe Biden and Secretary of Homeland Security Alejandro Mayorkas.
-
CISA ☛ Cyber Safety Review Board Releases Report on Microsoft Online Exchange Incident from Summer 2023
The U.S. Department of Homeland Security released the Cyber Safety Review Board’s (CSRB) findings and recommendations following its independent review of the Summer 2023 Microsoft Exchange Online intrusion. The review detailed operational and strategic decisions that led to the intrusion and recommended specific practices for industry and government to implement to ensure an intrusion of this magnitude does not happen again. This is the third review completed by the CSRB since the Board was established in September 2021.
-
Security Week ☛ Scathing Federal Report Rips Microsoft for Shoddy Security, Insincerity in Response to Chinese Hack
The Cyber Safety Review Board, created in 2021 by executive order, describes shoddy cybersecurity practices, a lax corporate culture and a lack of sincerity about the company’s knowledge of the targeted breach, which affected multiple U.S. agencies that deal with China.
It concluded that “Microsoft’s security culture was inadequate and requires an overhaul” given the company’s ubiquity and critical role in the global technology ecosystem. Microsoft products “underpin essential services that support national security, the foundations of our economy, and public health and safety.”
-
The Verge ☛ Microsoft could have prevented Chinese cloud email hack, US cyber report says
A new report from the US Cyber Safety Review Board has found that Microsoft could have prevented Chinese hackers from breaching US government emails through its Microsoft Exchange Online software last year. The incident, described as a “cascade of security failures” at Microsoft, allowed Chinese state-sponsored hackers to access online email inboxes of 22 organizations, affecting more than 500 people including US government employees working on national security.
The US Department of Homeland Security (DHS) has released a scathing report that found that the hack was “preventable” and that a number of decisions inside Microsoft contributed to “a corporate culture that deprioritized enterprise security investments and rigorous risk management.”
-
India Times ☛ Cyber board Chinese hack preventable: Cyber board says Chinese hack of US officials was 'preventable'
The US Cyber Safety Review Board said on Tuesday a targeted Chinese hack of top government officials' emails last year was "preventable", faulting technology giant Microsoft for its cybersecurity lapses and a deliberate lack of transparency.
The board said in its report that it identified a series of decisions taken by Microsoft that had decreased enterprise security, risk management and trust from the customers to protect their data and operations.
-
Security Week ☛ Missouri County Hit by Ransomware
Jackson County, Missouri, on Tuesday announced that its IT systems are experiencing ‘significant disruptions’ that are likely caused by a ransomware attack.
-
Missouri ☛ Media Releases - Jackson County MO
Jackson County has identified significant disruptions within its IT systems, potentially attributable to a ransomware attack. Early indications suggest operational inconsistencies across its digital infrastructure and certain systems have been rendered inoperative while others continue to function as normal.
Systems impacted so far include tax payments and online property, marriage license and inmate searches. As a result, the Assessment, Collection and Recorder of Deeds offices at all County locations will be closed until further notice.