Microsoft Role To Be Investigated After US Government Breach

Microsoft will be subjected to uncomfortable scrutiny over its role, after China-based hackers breached US government emails last month.

Bloomberg News reported, citing two people familiar with the matter, that a US cybersecurity advisory panel will investigate risks in cloud computing, including Microsoft’s role in the recent breach of government officials’ email accounts by suspected Chinese hackers.

That triggered US House of Representatives Oversight Committee, which last week announced it is “investigating the recent cyber espionage campaigns which breached the Department of State and the Department of Commerce.”

US government hack

Prior to that Oregon Senator (Democrat) Ron Wyden in July had asked the Federal Trade Commission, the Cybersecurity and Infrastructure Security Agency (CISA) and the US Justice Department to “take action” against Microsoft following the hack.

The issue began in July when Microsoft and the White House confirmed that China-based hackers had compromised the email accounts belonging to a number of US government departments, as well as 25 unnamed organisations.

Microsoft at the time labelled the China-based threat actor Storm-0558, and said the attacks seemed to focused “on espionage, data theft, and credential access.” The intrusion activity began in May and continued for roughly one month.

A number of other US government departments had also been compromised (including the US House of Representatives).

The full extent of the breach, which affected at least two dozen other organisations, is still not clear, but some media outlets reported that hundreds of thousands of emails were stolen.

Indeed, so serious was the attack that US Secretary of State Antony Blinken made clear to China’s top diplomat Wang Yi in a meeting in July that any action that targets the US government, US companies or American citizens “is of deep concern to us, and that we will take appropriate action to hold those responsible accountable.”

It also emerged that emails belonging to some very senior officials in the US government had been compromised by the China-based cyberattack.

Indeed, emails belong to US Commerce Secretary Raimondo, as well senior State Department diplomats, were among those accessed by the hackers.

It is worth remembering that the US Commerce Secretary Raimondo has implemented a series of export control policies against China, curbing the transfer of semiconductors and other sensitive technologies to Beijing.

Microsoft focus

Now according to the Bloomberg report, the Cyber Safety Review Board, which was created by the Biden administration to investigate major cybersecurity events, will focus on risks to cloud computing infrastructure.

It will also examine identity and authentication management, and all relevant cloud service providers, according to a Department of Homeland Security official.

The issue was brought into focus by the breach of Microsoft’s email systems, the official told Bloomberg.

Both people asked not to be named so they could disclose sensitive information.

It comes after Microsoft faced growing questions about how hackers allegedly operating on Beijing’s behalf, obtained one of its cryptographic keys and took advantage of a coding flaw to secure widespread access to the company’s cloud email platform.