Microsoft to warn email users of suspected hacking by governments
Microsoft said it will begin warning users of its consumer services when the company suspects that a govt has been trying to hack into their accounts
Microsoft Corp said on Wednesday it will begin warning users of its consumer services including Outlook.com email when the company suspects that a government has been trying to hack into their accounts.
The policy change comes nine days after Reuters asked the company why it had decided not tell victims of a hacking campaign, discovered in 2011, that had targeted international leaders of China’s Tibetan and Uighur minorities in particular.
According to two former employees of Microsoft, the company’s own experts had concluded several years ago that Chinese authorities had been behind the campaign but the company did not pass on that information to users of its Hotmail service, which is now called Outlook.com.
In its statement, Microsoft said neither it nor the U.S. government could pinpoint the sources of the hacking attacks and that they didn’t come from a single country.
The policy shift at the world’s largest software company follows similar moves since October by Internet giants Facebook, Twitter and most recently Yahoo Inc.
Google pioneered the practice in 2012 and said it now alerts tens of thousands of users every few months.
For two years, Microsoft has offered alerts about potential security breaches without specifying the likely suspect.
In a statement to Reuters, Microsoft said: “As the threat landscape has evolved our approach has too, and we’ll now go beyond notification and guidance to specify if we reasonably believe the attacker is ‘state-sponsored’.”
In a blog post published late Wednesday, Microsoft said: “We’re taking this additional step of specifically letting you know if we have evidence that the attacker may be ‘state-sponsored’ because it is likely that the attack could be more sophisticated or more sustained than attacks from cybercriminals and others.
The Hotmail attacks targeted diplomats, media workers, human rights lawyers, and others in sensitive positions inside China, according to the former employees.
Microsoft had told the targets to reset their passwords but did not tell them that they had been hacked. Five victims interviewed by Reuters said they had not taken the password reset as an indication of hacking.
Online free-speech activists and security experts have long called for more direct warnings, saying that they prompt behavioral changes from email users.
Also Read
-
Santa tracked by Google, Microsoft
Google and Microsoft had their virtual eyes on Santa Claus and his gift-laden sleigh on Thursday Digital -
Microsoft and Google call truce in patent wars
Legal battles between the companies included suits over technology for Internet-linked mobile devices, WiFi and digital video Technology -
Microsoft names Brad Smith president and chief legal officer
Microsoft has given longtime executive Brad Smith the title of president Technology -
UK spies can hack smartphones with simple SMS, says Snowden
Former U.S. intelligence contractor says British spies use a series of interception tools World News -
Data hacked from U.S. government dates back to 1985
The breach of computer systems of the Office of Personnel Management was disclosed on Thursday by the Obama administration News -
Microsoft is killing off Internet Explorer, but what’s next?
The new browser is currently codenamed “Project Spartan” Technology -
British govt to request information from web giants on extremists
Downing Street policy chiefs are scheduled to meet with Google, Facebook, Twitter and Microsoft Digital
