Microsoft to Alert Users to Suspected Government Snooping
31 Décembre 2015 - 5:40AM
Dow Jones News
Microsoft Corp. said it plans to begin informing users of its
online email and file-storage services if it suspects attackers
associated with government agencies have tried to break into their
accounts.
The company previously offered alerts to users about computer
break-ins without providing information about suspected
perpetrators. Microsoft on Wednesday said it would notify users
when it has reason to believe an attack on a customer account is
"state-sponsored."
Microsoft's new policy mirrors those recently adopted by
Facebook Inc. and Twitter Inc. Google Inc. has issued warnings
about state-sponsored attacks since 2012. These providers don't
specify what countries they believe may be responsible.
The move follows a series of highly publicized computer
intrusions over the past few years, as well as revelations about
U.S. government intelligence-gathering techniques disclosed by
former National Security Agency contractor Edward Snowden. In some
cases, U.S. officials and security researchers say they have
uncovered evidence that links a particular attack to a certain
country.
Microsoft's policy was reported Wednesday by Reuters, which said
it followed questions the news service had asked the company about
an attack on Microsoft services that had targeted leaders of
China's Tibetan and Uighur minorities. That incident came to light
in 2011.
The software company didn't disclose what may have prompted the
policy change, but said it decided customers should know about the
possibility of state-sponsored action due to greater privacy risks
in that circumstance.
"We're taking this additional step of specifically letting you
know if we have evidence that the attacker may be 'state-sponsored'
because it is likely that the attack could be more sophisticated or
more sustained than attacks from cybercriminals and others," Scott
Charney, Microsoft's corporate vice president for trustworthy
computing, wrote in a blog post.
Microsoft said the change involves unauthorized access to
accounts that include its Outlook.com email service and OneDrive
file storage. Notifications about state-sponsored attacks don't
mean Microsoft's systems have been compromised, Mr. Charney
wrote.
"The evidence we collect in any active investigation may be
sensitive, so we do not plan on providing detailed or specific
information about the attackers or their methods," he wrote. "But
when the evidence reasonably suggests the attacker is 'state
sponsored,' we will say so."
Mr. Charney's blog post lists a series of steps Microsoft users
should take to keep their data secure, including using strong
passwords and verification that involves an additional security
code beyond a password.
"If you receive one of these notifications it doesn't
necessarily mean that your account has been compromised, but it
does mean we have evidence your account has been targeted," Mr.
Charney wrote.
Write to Don Clark at don.clark@wsj.com
(END) Dow Jones Newswires
December 30, 2015 23:25 ET (04:25 GMT)
Copyright (c) 2015 Dow Jones & Company, Inc.
Twitter (NYSE:TWTR)
Graphique Historique de l'Action
De Juin 2024 à Juil 2024
Twitter (NYSE:TWTR)
Graphique Historique de l'Action
De Juil 2023 à Juil 2024