Microsoft to Notify Users of Government Hackings

gettyimages-457534470 SEATTLE — Microsoft says it will begin notifying users of its online services if they have been targets of suspected state-sponsored online attacks, joining a growing list of Internet companies stepping up their security policies with similar measures. The company, which announced the change on Wednesday in a blog post, joins Google, Facebook and others in disclosing when users of email and other services have probably been targeted by hackers working on behalf of governments. Such attacks have increased in intensity in recent years and often involve more sophisticated, sustained forms of trickery to gain control of online accounts than those employed by ordinary digital criminals. Reuters reported on Wednesday that Microsoft managers determined in 2012 that hackers affiliated with the Chinese government had hacked into more than a thousand Hotmail accounts, some of which belonged to leaders of China’s Tibetan and Uighur minorities. Microsoft did not notify the targets of the hacking that the attacks came from state-sponsored sources, a decision that Reuters, citing unnamed former Microsoft employees, said was motivated by a desire to avoid inflaming Chinese government authorities. In a statement responding to the Reuters reporting, Microsoft said it was not sure the attacks had come from state-sponsored hackers in China. It said that at the time, it notified its customers of suspicious activity on their accounts and forced them to reset passwords, without specifying where the attacks might have come from. “We weighed several factors in responding to this incident, including the fact that neither Microsoft nor the U.S. government were able to identify the source of the attacks, which did not come from any single country,” Microsoft said in the statement. “We also considered the potential impact on any subsequent investigation and ongoing measures we were taking to prevent potential future attacks.” Few Internet companies at the time had publicly committed to letting their users know when they suspected government hackers of targeting them. One exception was Google, which in June 2012 began posting banners atop Gmail accounts warning users when states or state-sponsored groups seemed to be trying to gain control of their accounts. In a blog post describing their warnings, Google declined to say exactly how it knew the attacks were state-sponsored, but said its alerts were the result of detailed analysis and victim reports. Google advised users to take additional precautions, like using stronger passwords and turning on two-step verification, which provides users with secondary codes via text messages or phone calls for accessing their accounts. In October, Facebook said that it had begun notifying its users of state-sponsored efforts to take over customers’ accounts. Around that time, Iranian hackers had compromised the social media and email accounts of State Department officials who focused on Iran and the Middle East, The New York Times reported in November. In December, Twitter also began issuing similar alerts to its users, followed by Yahoo. Source