Microsoft has pledged to inform its users about state-sponsored hacking attempts. While the company isn’t confirming this, the policy decision may have been prompted by a sophisticated attack on Hotmail that was allegedly launched by Chinese authorities.
Microsoft confirmed on Wednesday that it will notify people who hold Microsoft accounts if it believes those accounts have been targeted or hacked by people working on behalf of a nation or state. Government-backed hacking is far more sophisticated and harder to deal with than attacks launched by individuals, said company executive Scott Charney in a blog post on the Microsoft website.
“We will now notify you if we believe your account has been targeted or compromised by an individual or group working on behalf of a nation state. The company is taking this additional step if it has evidence that the attacker may be state-sponsored because it is likely that the attack could be more sophisticated or more sustained than attacks from cybercriminals and others.”
He categorically noted that the notifications “do not mean that Microsoft’s own systems have in any way been compromised.” Moreover, if a customer receives such a notification, it doesn’t mean they have been hacked. The notification means that Microsoft has evidence to believe that the account has been targeted and that, most likely, those behind the suspected illicit activity are state-sponsored agencies. More importantly, it does mean that the user should immediately tighten the security settings on their account, the Los Angeles Times reported.
Microsoft already has standard policies in place that trigger a notification if the company’s backend systems believe an account has been targeted or compromised by third parties. Until now, however, users weren’t told when the attack was most likely orchestrated by state-backed agencies. Major internet companies such as Google, Facebook and, most recently, Yahoo have been issuing such warnings to their users. Microsoft has now amended its policy for its email platform Outlook.com and its cloud-based storage platform OneDrive.
While the decision to inform users when a hacking attempt is state-sponsored may be owing to the heightened risk of sophisticated attacks, there appears to be another reason why Microsoft decided to update its policy. According to Reuters, Microsoft was aware of a Chinese state-sponsored hack in May 2011 that targeted international leaders of China’s Tibetan and Uighur minorities. However, the company chose to remain silent and did not inform the victims, which allowed the hackers to continue their campaign.
Relying on the testimony of former Microsoft employees, Reuters claimed that the attack was sponsored by China. But the Redmond-based company claims that even the U.S. government was unable to identify the source of the attacks, “which did not come from any single country,” ComputerWorld reported. Though Microsoft spokesman Frank Shaw maintains the company was never certain of the origin of the Hotmail attacks, the company admitted for the first time that it had not called, emailed or otherwise told the affected Hotmail users that their electronic correspondence had been collected.
Attacks sponsored by states or nations are quite sophisticated, and it takes a large, sustained effort to clean the affected systems. In the case of the Hotmail attacks, security firm Trend Micro Inc. had announced that it found an email carrying a small program that stealthily exploited a previously undetected flaw in Microsoft’s own web pages. The flaw was used to make Hotmail and other free Microsoft email services secretly forward copies of all of a recipient’s incoming mail to an account controlled by the attacker, Yahoo reported.
If Microsoft does send a notification saying it believes an attack was state-sponsored, the company has outlined various steps users should take to protect themselves.
[Photo by Stephen Brashear/Getty Images]