Tech Support
Documentation
Login
Contact Us
US Cyberboard To Investigate Intrusion Of Government Email Systems Provided By Microsoft
Wajahat Raja
August 21, 2023 - TuxCare expert team
The recent Microsoft email intrusion sparks US cyberboard investigation. The United States Cyber Security Review Board (CSRB) has launched this investigation in a key step towards improving cybersecurity. This breach, attributed to Chinese state-sponsored hackers, has raised worries regarding cloud-based identification and authentication infrastructure. It has also forced the CSRB to investigate the situation thoroughly.
US Cyberboard Examines Microsoft Email System Breach
The US cyberboard Microsoft email intrusion or the mid-May breach entailed unauthorized access to government email accounts, including those of US Commerce Secretary Gina Raimondo and US State Department employees. This attack uncovered a key weakness in the cloud-based authentication mechanism, which allowed hackers to fake authentication tokens and obtain access to the affected accounts.
Microsoft’s Response and Discovery
Microsoft, the vendor of the compromised email system, revealed that the hackers gained unauthorized access by using a stolen confidential signing key. This access, along with a vulnerability that has since been addressed, allowed the hackers to modify authentication tokens and gain unauthorized access to email accounts.
However, the infiltration went unreported for a month until State Department personnel discovered it using a higher-tier account with access to extensive records. Microsoft made a policy change in response to the government email systems breach investigation. Beginning in September, it will make logs available to clients free of charge, addressing concerns about transparency and timely breach discovery.
Legislators Demand Action
The event drew harsh criticism from politicians, notably Senator Ron Wyden, a Democrat on the Senate Intelligence Committee. Wyden voiced alarm about the inadequacy of cybersecurity practices, which allowed Chinese hackers to get access to government officials’ accounts. This unseen cyberattack on government email accounts prompts US cyberboard inquiry and the CSRB was then tasked with investigating the breach and making suggestions for future prevention.
The Point of View of Homeland Security
Alejandro Mayorkas, Secretary of Homeland Security, underlined the necessity of recognizing vulnerabilities in cloud technology employed by US enterprises. Mayorkas emphasized the importance of the CSRB’s practical suggestions. It also put quite an emphasis on increasing data security and cyber resilience in a variety of sectors.
The Role of The CSRB and Investigations
By executive order in 2021, President Biden established the CSRB. It acts as an essential body for reviewing and assessing major cybersecurity-related incidents. The CSRB comprises representatives from both the government and private sectors. It works to identify insights from previous incidents and recommend preventive measures accordingly.
This is the CSRB’s third investigation, following assessments of the Log4j vulnerability fallout in 2020 and recent Lapsus$ hacking organization attacks. In this latest venture, the CSRB will investigate the Microsoft Exchange Online attack as well as take a broader look at cloud-based identity and authentication infrastructure.
Conclusion
As the US cyberboard probes Microsoft email system intrusion, the main focus simply remains on improving cybersecurity practices as well as protecting important data from harmful breaches. The result of this investigation, in conjunction with proactive efforts taken by companies, will be crucial in strengthening cloud-based systems. It will ensure business continuity, and preserve the integrity of government email systems.
The ongoing search of adequate cybersecurity solutions displays the determination of both the public and private sectors in the face of escalating cyber dangers.
TuxCare’s QEMUCare live patching offers seamless updates for QEMU-based virtualization systems while active. No need for shutdowns, migrations, or hypervisor reboots. QEMUCare ensures uninterrupted operation and the finest live patching solution available.
Please contact our team of specialists if you have any questions or concerns.
The sources for this piece include an article in Cyber Security Connect and TechCrunch.
