Microsoft’s Cloud Cybersecurity Has Fatal Shortcomings

Published on: April 9, 2024
Paige Henley

The US Cyber Safety Review Board recently revealed that a significant security breach involving US government emails via Microsoft Exchange Online software could have been prevented.

This breach was orchestrated by Chinese state-sponsored hackers and was the result of a “cascade of security failures” at Microsoft. The hackers gained access to the online email inboxes of 22 organizations, impacting over 500 individuals, including US government employees engaged in national security tasks.

The US Department of Homeland Security released a report harshly critiquing Microsoft for its preventable missteps and for fostering a corporate culture that placed low priority on security investments and strict risk management.

The hackers used a stolen Microsoft account consumer key to forge tokens for accessing Outlook on the web and Outlook.com. Microsoft remains uncertain how the key was initially compromised: it suspects the key might have been part of a crash dump, but has acknowledged the limitations of that theory.

In addressing the breach, Microsoft initially disseminated inaccurate information via a September 2023 blog post, which it only corrected in March 2023 after persistent inquiries from the Cyber Safety Review Board. This delay in correction and the full cooperation provided during the board’s investigation spotlighted the necessity for a significant revamp in Microsoft’s security culture.

The Cyber Safety Review Board has concluded that not only was the intrusion preventable but also that Microsoft’s security measures were severely lacking, emphasizing the need for an overhaul given Microsoft’s pivotal role in the technology ecosystem:

“The Board finds that this intrusion was preventable and should never have occurred. The Board also concludes that Microsoft’s security culture was inadequate and requires an overhaul, particularly in light of the company’s centrality in the technology ecosystem and the level of trust customers place in the company to protect their data and operations,” the report reads.

In response to the breach and subsequent cybersecurity incidents, Microsoft is taking steps to substantially improve its software security through the introduction of the Secure Future Initiative (SFI). Its changes also include the launch of Copilot for Security, an AI-powered chatbot aimed at aiding cybersecurity professionals.

About the Author

Paige Henley is an editor at SafetyDetectives. She has three years of experience writing and editing various cybersecurity articles and blog posts about VPNs, antivirus software, and other data protection tools. As a freelancer, Paige enjoys working in a variety of content niches and is always expanding her knowledge base. When she isn't working as a "Safety Detective", she raises orphaned neonatal kittens, works on DIY projects around the house, and enjoys movie marathons on weekends with her husband and three cats.