Previous reports indicated that the victims of this hacking campaign also included Commerce Secretary Gina Raimondo, unnamed State Department employees, a human rights advocate, and various think tanks. Additionally, a congressional staffer was targeted. The discovery of Bacon as a new victim suggests that the investigation is ongoing. However, both the FBI and Microsoft have refrained from commenting on the matter.
Officials have categorized this spying as conventional espionage focused on key issues like the U.S. response to tensions between Taiwan and China. However, experts are concerned about the breach’s implications, as it exposes a vulnerability in government security measures heavily reliant on Microsoft’s cloud, email, and authentication services.
According to Microsoft, the hackers gained possession of powerful signing keys that allowed them to create verified customer identities, bypassing multifactor authentication. Combined with other security flaws in Microsoft’s systems, millions of individuals could have been at risk of attack.
Officials have reported that State Department activity logs revealed suspicious behavior, leading to the discovery of the hacking scheme. Microsoft was subsequently able to locate the hacked master key and block future access.
Multiple members of Congress are demanding explanations from federal agencies regarding their strategies to counter similar attacks in the future. They are also pressuring Microsoft to make their logs more accessible, to which the company has agreed. Senator Ron Wyden of Oregon has taken it a step further, requesting investigations by the Justice Department and the Federal Trade Commission to determine if Microsoft’s security practices violate any laws or the 20-year-old FTC consent decree mandating improved security after the breach of its then-single sign-on tool, Passport. Wyden has also urged the Department of Homeland Security to involve its Cyber Safety Review Board in examining the Microsoft cloud breach. The board has agreed to take on the task.
The Department of Homeland Security has referred inquiries to the FBI.
Leigh Ann Caldwell and David DiMolfetta contributed to this report.
Denial of responsibility! VigourTimes is an automatic aggregator of Global media. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, and all materials to their authors. For any complaint, please reach us at – [email protected]. We will take necessary action within 24 hours.