The Cyber Safety Review Board's report on the Microsoft Exchange Server hacking campaign criticizes Microsoft's security practices and messaging. The report highlights that Microsoft is still unaware of how the Chinese carried out the attack in the Summer of 2023. The review emphasizes the severity and preventability of the intrusion, pointing out the inadequacy of Microsoft's cybersecurity practices and internal response. The threat actor responsible for the attack is linked to the 2009 Operation Aurora. The report calls for internal accountability within Microsoft to prevent such intrusions in the future.
Report slams Microsoft for a ‘cascade’ of cybersecurity failures https://t.co/0PA63DCBC7
#FPTech: China’s attack on Microsoft was preventable if they had taken cybersecurity seriously says US govt https://t.co/rxgTNm4tRN
Microsoft could have prevented Chinese cloud email hack, US cyber report says https://t.co/ejwmZjQYg3
A Biden administration-appointed review board has issued a scathing indictment of Microsoft corporate security and transparency after the tech giant let state-backed Chinese cyber operators break into email accounts of senior #US officials. #China https://t.co/bUxPL09BPV
"A ederal review board concluded in a scathing report Tuesday that the theft of a Microsoft signing key used to spy on senior U.S. officials was a preventable failure caused by the company’s failure to appropriately prioritize security." https://t.co/wgg6wnOPi1
The US Cyber Safety Review Board has written a thorough, fair, & - where it needs to be, hard-hitting - report on last summer’s Microsoft key compromise. It’s a serious, high quality report to confound sceptics who argued the process wouldn’t work. Kudos to all involved 1/2 https://t.co/mKxFqny34b
A high-profile government advisory board released a scathing report concluding that a Chinese espionage campaign targeting Microsoft last summer was "preventable" https://t.co/SBwW2OiBIX
Cyber board says Chinese hack of US officials was ‘preventable’ https://t.co/PtkvEildKA
Microsoft slammed for lax security that led to China's cyber-raid on Exchange Online https://t.co/Zgu1ch2OdO
A high-profile government advisory board released a scathing report tonight concluding that a Chinese espionage campaign targeting Microsoft last summer was "preventable and should never have occurred." https://t.co/AG1PQCaPGS
Microsoft slammed for lax security that led to Exchange Online attack https://t.co/oZj136GwrY
Scathing federal report rips Microsoft for shoddy security, insincerity in response to Chinese hack https://t.co/1QzYgeJIi4
Cyber Safety Review Board finds Microsoft security culture ‘inadequate,’ calls for internal accountability https://t.co/o98ffwDg4s
Very proud of the work of the Cyber Safety Review Board (CSRB) on this important review of the 2023 Microsoft Exchange Online intrusion that affected a number of national security officials And the threat actor responsible is the same one that did Operation Aurora in 2009! https://t.co/dwswDk6oNc
Today, DHS released the Cyber Safety Review Board’s (CSRB) report summarizing the findings of its review into attacks associated with the 2023 Microsoft Exchange Online intrusion. Learn more here⬇️ https://t.co/FpELjMUXSf
Microsoft is faulted for "inadequate" cybersecurity practices by a government review board over the 2023 hack of Exchange Online mailboxes https://t.co/timKUhk25m
CISA and review board torches Microsoft internal response and how bad the 2023 compromise actually was. It was way worse than what was communicated from Microsoft - way way way worse and avoidable. This is a good read and something folks really need to equate in their own…
Today the Cyber Safety Review Board released its independent review of the Summer 2023 Microsoft Exchange Online intrusion laying out what led to the intrusion & what industry & gov't can do to ensure an intrusion at this magnitude does not happen again. https://t.co/pf5Vx2kuuo https://t.co/dAsDY7HFxv
“Perhaps most concerning, the board report makes clear, Microsoft still does not know how the Chinese carried out the attack.” @washingtonpost https://t.co/W3iXECEhGH
The Cyber Safety Review Board's report on the Microsoft Exchange Server hacking campaign -- in which China compromised tens of thousands of email servers -- sounds pretty unsparing in its criticism of the company's security practices and public messaging. https://t.co/EgQRIi7veS https://t.co/4sUm8T8ilJ