Microsoft will warn users targeted by government hackers
Microsoft promises to notify its users if it believes that a government is targeting their account. In its announcement post, the company says it already notifies subscribers if an unauthorized person is trying to access their Outlook email and OneDrive. But from now on, it will also specify if it suspects the attacker is sponsored by a government.
Microsoft VP Scott Charney writes:
We’re taking this additional step of specifically letting you know if we have evidence that the attacker may be “state-sponsored” because it is likely that the attack could be more sophisticated or more sustained than attacks from cybercriminals and others. These notifications do not mean that Microsoft’s own systems have in any way been compromised.
According to Reuters, Redmond has changed its policy after the news outlet made a series of inquiries over the past few days regarding a Hotmail attack that was discovered in 2011. Apparently, Microsoft had evidence that Chinese authorities were behind that campaign targeting the emails of China’s Tibetan and Uighur minority leaders, but it never told the victims. (*see update below)
In addition to announcing the new policy, the company has also listed steps people can take to prevent their accounts from being accessed by outsiders, state-sponsored or not. These include switching on two-step verification, using strong passwords and keeping their OS and anti-virus program up to date. Microsoft is the latest addition to the growing list of tech corporations that have chosen to tell their customers if they’re being hacked by the government. Google has been doing so since 2012, and Facebook announced its intention to warn people of state-sponsored attacks in October.
Update: A Microsoft spokesperson has reached out and told Engadget that it isn’t true that it was able to pinpoint the source of the 2011 Hotmail attacks:
Our focus is on helping customers keep personal information secure and private. Our primary concern was ensuring that our customers quickly took practical steps to secure their accounts, including by forcing a password reset. We weighed several factors in responding to this incident, including the fact that neither Microsoft nor the U.S. Government were able to identify the source of the attacks, which did not come from any single country. We also considered the potential impact on any subsequent investigation and ongoing measures we were taking to prevent potential future attacks.