Microsoft email servers hack could have been prevented

Microsoft publicly disclosed several months ago that a Chinese hacking group, Storm-0558, breached its servers in early the previous year, initiating surveillance on email servers associated with senior US government officials. Following an investigation, Members of Congress assert that Microsoft’s report on the email server hack could have been prevented had the tech giant not made a series of avoidable errors.

This assertion holds weight. Every company typically employs a dedicated team of security analysts not only to defend servers but also to proactively mitigate such risks.

During his appearance before the House Committee on Homeland Security in Washington, Microsoft President Brad Smith endured a grueling three-hour interrogation from committee members. He concluded by assuring them that cybersecurity will soon become deeply ingrained in the culture of the tech company to prevent similar embarrassments in the future.

In July 2023, a Chinese-affiliated espionage group known as Storm-0558 leaked documents purportedly obtained from emails belonging to US federal officials. A preliminary investigation by the White House revealed a data breach incident. Notably, in 2021, during an acquisition, data from a new employee’s laptop was compromised. Eventually, the hackers gained access to server credentials, allowing them to infiltrate servers owned by the MS Office software provider, resulting in espionage and hacking.

Following this, the Cyber Safety Review Board (CSRB), led by the Department of Homeland Security (DHS), launched an investigation into the incident. It concluded that the months-long surveillance could have been prevented had the Windows OS giant exercised greater caution.

US Congressman Bennie Thompson disclosed that Microsoft, under the leadership of Satya Nadella, has committed to avoiding future data breaches by implementing proactive measures.

Furthermore, Microsoft Office 365 announced that all C-level employees who achieve cybersecurity milestones will receive corresponding bonuses, according to the latest statement from the software giant.

Naveen Goud
Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security

No posts to display