Latest in Culture

Image credit:

Microsoft will warn users targeted by government hackers (update)

It's following in the footsteps of other tech corporations like Google, Facebook and Twitter.
Share
Tweet
Share
Save

Sponsored Links

Microsoft promises to notify its users if it believes that the government's targeting their account. In its announcement post, the company says it already notifies subscribers if an unauthorized person's trying to access their Outlook email and OneDrive. But from now on, it will also specify if it suspects the attacker is sponsored by a government.

Microsoft VP Scott Charney writes:

We're taking this additional step of specifically letting you know if we have evidence that the attacker may be "state-sponsored" because it is likely that the attack could be more sophisticated or more sustained than attacks from cybercriminals and others. These notifications do not mean that Microsoft's own systems have in any way been compromised.

According to Reuters, Redmond has changed its policy after the news outlet made a series of inquiries over the past few days regarding a Hotmail attack that was discovered in 2011. Apparently, Microsoft had evidence that Chinese authorities were behind that campaign targeting the emails of China's Tibetan and Uighur minority leaders, but it never told the victims. (*see update below)

In addition to announcing the new policy, the company has also listed steps people can take to prevent their accounts from being accessed by outsiders, state-sponsored or not. These include switching on two-step verification, using strong passwords and keeping their OS and anti-virus program up to date. Microsoft is the latest addition in the growing list of tech corporations that had chosen to tell their customers if they're being hacked by the government. Google has been doing so since 2012, and Facebook announced its intention to warn people of state-sponsored attacks in October.

Update: A Microsoft spokesperson has reached out and told Engadget that it isn't true that it was able to pinpoint the source of the 2011 Hotmail attacks:

Our focus is on helping customers keep personal information secure and private. Our primary concern was ensuring that our customers quickly took practical steps to secure their accounts, including by forcing a password reset. We weighed several factors in responding to this incident, including the fact that neither Microsoft nor the U.S. Government were able to identify the source of the attacks, which did not come from any single country. We also considered the potential impact on any subsequent investigation and ongoing measures we were taking to prevent potential future attacks.

[Image credit: AP Photo/Ted S. Warren]

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
Tweet
Share
Save

Popular on Engadget

Engadget's Guide to Privacy

Engadget's Guide to Privacy

View
Fitbit is reportedly in the early stages of exploring a sale

Fitbit is reportedly in the early stages of exploring a sale

View
Tilta mods Blackmagic's Pocket Cinema Camera with a tilt screen and SSD

Tilta mods Blackmagic's Pocket Cinema Camera with a tilt screen and SSD

View
Three Mile Island's infamous nuclear plant shuts down after 45 years

Three Mile Island's infamous nuclear plant shuts down after 45 years

View
Samsung asks users to be extra careful with the Galaxy Fold

Samsung asks users to be extra careful with the Galaxy Fold

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr