The company is accused of hiding hack attacks on Hotmail

Dec 31, 2015 08:43 GMT
Microsoft says it didn't disclose the attacks because they came from multiple sources

Microsoft will start notifying users of any hack attempts on their accounts that appear to come from governments across the world, the company revealed today. The announcement comes after the company was accused of hiding hack attempts on a number of Hotmail accounts that targeted well-known diplomats, state leaders, and human rights lawyers.

Citing two people with knowledge of the matter, Reuters reported that the first attacks aimed at email accounts on Microsoft's free service were launched in June 2009, but the company only discovered them two years later.

A vulnerability in the email service allowed attackers to break into an account and inject malware that could be used to forward every single email message to a second address without the owner knowing it. The aforementioned source claims that Microsoft started investigating the problem, but the company decided to keep all details secret and only ask users impacted by the hack to change their passwords.

It appears that the attacks have been linked to the Chinese network AS4808, which could have some ties with the US government as well, as it's believed it was used in a number of surveillance programs too.

The decision not to disclose the hack attempts was made after discussions behind closed doors between Scott Charney, chief of security at Microsoft, and Brad Smith, the president of the company. Reuters claims they decided to keep the attacks secret in order to maintain the company's strong ties with the Chinese government, as public issues about the hack could have impacted their collaboration.

The Chinese government decided in 2013 to ban Windows 8 on state computers amid security concerns and all of a sudden started an anti-trust investigation into Microsoft, but it's not yet clear if these two cases are related in any way.

“We care about your security”

Now, in a blog post announcing the decision to notify users of any hack attempt involving government sources, Scott Charney, who was one of those lobbying for not disclosing the attacks, says that “we will now notify you if we believe your account has been targeted or compromised by an individual or group working on behalf of a nation state.”

These alerts don't necessarily mean that accounts have already been hacked, he says, but only that an attack has been logged.

“We’re taking this additional step of specifically letting you know if we have evidence that the attacker may be 'state-sponsored' because it is likely that the attack could be more sophisticated or more sustained than attacks from cybercriminals and others. These notifications do not mean that Microsoft’s own systems have in any way been compromised,” he says.