Get the latest tech news
Microsoft faulted for ‘cascade’ of failures in Chinese hack
The independent Cyber Safety Review Board’s forthcoming report knocks the tech giant for shoddy cybersecurity, lax corporate culture and a deliberate lack of transparency.
The Cyber Safety Review Board’s report, a copy of which The Post obtained before its official release, takes aim at shoddy cybersecurity practices, lax corporate culture and a deliberate lack of transparency over what Microsoft knew about the origins of the breach. Microsoft’s initial statement about the intrusion was made in July, noting that a China-based adversary had somehow obtained a “signing” key — or digital certificate — allowing the hackers to forge users’ credentials and steal Outlook emails. “It took the creation of something like this board to produce a credible and unbiased assessment of Microsoft’s behavior, which is a necessary step to accountability,” said Jason Kikta, former head of private-sector partnerships at U.S. Cyber Command and now chief information security officer at the IT software firm Automox.
Or read this on r/technology
/cdn.vox-cdn.com/uploads/chorus_asset/file/3919716/mswindows2_2040.0.jpg)