Over the summer of 2023, Microsoft faced criticism for security blunders that allowed Chinese hackers to peek into the emails of US government officials. A detailed report pointed out that these breaches could have been prevented if Microsoft had stronger security measures in place. The attackers managed to infiltrate the email systems of notable figures, including the US Secretary of Commerce and the Ambassador to China, by exploiting a loophole in Microsoft’s email service and using a special key.
The investigation highlighted Microsoft’s slow response to correct misleading information released after the incident and called out the tech giant for its lax security practices. It also brought up a separate breach by Russian hackers, underlining the pressing need for better security across the board.
To combat these vulnerabilities, the report suggests Microsoft should beef up its security by doing more thorough checks on its systems, pausing new feature releases until security is tight, and being more transparent with the public. On top of that, it recommends creating stronger barriers against hackers, like using better encryption and training staff to recognize security threats. By taking these steps, the hope is to make it much tougher for hackers to break in, protecting everyone’s data from getting into the wrong hands.