Microsoft's Information Security Culture, Cloud Vulnerabilities To Blame For 2023 China-Linked Cyberattack, Says Federal Agency
The Cyber Safety Review Board (CSRB) of the Cybersecurity and Infrastructure Security Agency has found that Microsoft Corporation (NASDAQ:MSFT) had security lapses that paved the way for a 2023 cyberattack. This incident resulted in the compromise of high-ranking US officials’ accounts. What Happened: According to the CSRB report, a group with links to China, identified as “Storm-0558”, took advantage of inadequacies in Microsoft’s cloud security and infosec culture. This led to a breach of its Exchange Online hosted email service in June 2023. Following this, Microsoft and the federal government continued investigating the hack and understanding its full impact. The report highlighted Microsoft’s key rotation practices for securing the Microsoft Services Account (MSA), which didn’t include an automatic signing of key rotation or deactivation process. The outdated system, launched during the early 2000s, proved ineffective when Microsoft stopped manually managing keys in 2021 after a major cloud outage. See Also: Mark Cuban Jokes Zuckerberg Was ‘Just Trying To Get Laid’ As He Reveals ...Full story available on Benzinga.com
ONLY AVAILABLE IN PAID PLANS
Published by: benzinga
Read full article here: https://www.benzinga.com/news/24/04/38062763/microsofts-information-security-culture-cloud-vulnerabilities-to-blame-for-2023-china-linked-cyberat
- Consumer Tech
- Cyberattack
- Microsoft
- Msft
- News
- Sudhanshu Singh
- Tech
- Msft
- Us5949181045
- News
- Tech
- Benzinga
- Benzinga Neuro
- Technology
- United States Of America
