"US Cyber Safety Review Board Condemns Microsoft's Security Failures in Chinese Email Hack"
The U.S. Department of Homeland Security released the Cyber Safety Review Board’s findings and recommendations following its independent review of the Summer 2023 Microsoft Exchange Online intrusion, attributing it to a hacking group affiliated with the People’s Republic of China. The report detailed operational and strategic decisions that led to the intrusion and recommended specific practices for industry and government to implement to prevent similar incidents. The Board's recommendations include implementing modern control mechanisms, adopting minimum standards for default audit logging, and developing more effective victim notification and support mechanisms. The Department of Homeland Security and the Cyber Safety Review Board are committed to transparency and will release public versions of the reports whenever possible.
- Cyber Safety Review Board Releases Report on Microsoft Online Exchange Incident from Summer 2023 Homeland Security
- US government review faults Microsoft for ‘cascade’ of errors that allowed Chinese hackers to breach senior US officials’ emails CNN
- Microsoft could have stopped Chinese cloud email hack: Review panel The Hill
- Microsoft could have prevented Chinese cloud email hack, US cyber report says The Verge
- Scathing federal report rips Microsoft for shoddy security, insincerity in response to Chinese hack NBC News
Reading Insights
0
0
5 min
vs 6 min read
90%
1,130 → 115 words
Want the full story? Read the original article
Read on Homeland Security