Microsoft is now notifying individuals when the company believes their user accounts have been targeted by a government.
Currently, the software company notifies users if it “believe[s] their accounts have been targeted or compromised by a third party.” Now, Microsoft will specify when it believes the third party is state-sponsored.
The change applies to accounts for Microsoft services such as Outlook.com email and OneDrive cloud storage.
Scott Charney, corporate vice president of Trustworthy Computing at Microsoft, explains in a blog post published Wednesday:
We’re taking an additional step today. We will now notify you if we believe your account has been targeted or compromised by an individual or group working on behalf of a nation state. …
We’re taking this additional step of specifically letting you know if we have evidence that the attacker may be “state-sponsored” because it is likely that the attack could be more sophisticated or more sustained than attacks from cybercriminals and others.
Microsoft will not provide users with detailed information about the attackers or their methods, however, since evidence the company collects as part of an active investigation might be sensitive.
Receiving a notification from Microsoft does not necessarily mean the user's account has been hacked into. It means:
- Microsoft has evidence the user’s account has been targeted.
- It’s urgent that the user act to secure the account, including ensuring the user’s computer and other devices are free of viruses and malware and that software is up to date.
Steps that Microsoft recommends everyone take to help keep their accounts secure include enabling two-step verification, using a strong password, and changing it often.
Reuters reports that Microsoft’s “policy change comes nine days after Reuters asked the company why it had decided not to tell victims of a hacking campaign, discovered in 2011, that had targeted international leaders of China’s Tibetan and Uighur minorities in particular.”
Microsoft explains in a statement to Reuters:
“As the threat landscape has evolved our approach has too, and we’ll now go beyond notification and guidance to specify if we reasonably believe the attacker is ‘state-sponsored.’”