Keeping online users secure
Microsoft said in a statement Thursday "neither Microsoft nor the U.S. Government were able to identify the source of the attacks, which did not come from any single country". In case of the Hotmail attacks, security firm Trend Micro Inc. had announced that it had found an email that contained a miniature computer program that stealthily took advantage of a previously undetected flaw in Microsoft's own web pages to direct Hotmail and other free Microsoft email services to secretly forward copies of all of a recipient's incoming mail to an account controlled by the attacker, reported Yahoo.
Microsoft pledged this week to let customers know if their accounts have been targeted by a state-sponsored hacker, joining a list of technology companies who have already pledged to be proactive when it comes to informing users if their accounts are at risk. In a statement responding to the reports, Redmond said that it was not sure the attacks had come from government-sponsor hackers in China, according to The New York Times. Microsoft has just amended its policy for email platform Outlook.com and cloud based virtual storage platform OneDrive.
Microsoft said it would not share details of what might lead it to conclude that nation-states were behind an attack but said it would send out the notices if "evidence reasonably suggests" such an entity was responsible.
CNET noted that the stepped-up practice goes into effect as cyber warfare and cyberspying become more of a threat to people around the world. Such attacks have increased in intensity in recent years and often involve more sophisticated, sustained forms of trickery to gain control of online accounts than those employed by ordinary digital criminals. A government backed hacking is much more sophisticated and tougher to deal with as compared to those launched by individuals, said the company's executive Scott Charney through a blog post on the Microsoft website.
Alerting people about suspected nation-state attacks might cause Microsoft problems in Britain if a proposed law that regulates government snooping is passed. The notification means that Microsoft has evidence to believe that the account has been targeted, and most-likely, those behind the suspected illicit activities are state-sponsored agencies. The company will provide guidance on keeping accounts secure.
