Microsoft has released official announcements that it will begin to give users notifications if Microsoft itself is convinced that any of its users have been targeted by government-linked hackers, after they didn’t in the previous event where authorities of the Chinese government allegedly compromised Hotmail accounts exceeding 1,000.
Adding to the list of other US technology companies – among which is the likes of Google, Facebook, Twitter and Yahoo– Microsoft announced that the drift in policy was targeted at the general safety of its users as to help them safeguard the privacy of their data.
Scott Charney, corporate vice president of Microsoft’s Trustworthy Computing division, announced the move in his statement: “We will now notify you if we believe your account has been targeted or compromised by an individual or group working on behalf of a nation state.
“We’re taking this additional step of specifically letting you know if we have evidence that the attacker may be ‘state-sponsored’ because it is likely that the attack could be more sophisticated or more sustained than attacks from cybercriminals and others.”
The change is consequent to the discovery, from when Microsoft corporate executives came to the conclusion that over 1,000 of the company’s Hotmail email accounts had been compromised or hacked into by elements bearing relationship to Chinese authorities over three years starting in July 2009, but did not bring this users’ awareness.
Included in the emails of high-ranking Uighur and Tibetan leaders in multiple countries, human rights lawyers, African diplomats, and others in delicate positions inside China.
As a result of Microsoft’s attention being drawn to this by security company Trend Micro in 2011, Microsoft patched the security holes in its web services that gave the hackers the opportunity to gain access to the emails as well as to reset user passwords. But then it did not bring intrusion the to awareness of the affected users as well as the scope of the snooping, giving the hackers the premise to maintain continuity in their campaign, according to former Microsoft employees.
Microsoft officials did not even disagree with the intelligence that majority of the attacks could be traced back to China, including a Chinese network by the name of AS4808 which has been publicly credited to China by US intelligence, but said some came from elsewhere. They did not give further details.
“We weighed several factors in responding to this incident, including the fact that neither Microsoft nor the US government were able to identify the source of the attacks, which did not come from any single country,” the company said. “We also considered the potential impact on any subsequent investigation and ongoing measures we were taking to prevent potential future attacks.”
The Chinese government “is a resolute defender of cyber security and strongly opposes any forms of cyberattacks”, a Chinese Foreign Ministry spokesman said.
Charney said: “The evidence we collect in any active investigation may be sensitive, so we do not plan on providing detailed or specific information about the attackers or their methods. But when the evidence reasonably suggests the attacker is ‘state sponsored’, we will say so.”