Title: U.S. Cyber Security Review Board to Investigate Recent Email System Intrusion
The U.S. Cyber Security Review Board (CSRB) has announced its intention to investigate the cyber intrusion that targeted U.S. government email systems provided by Microsoft. In addition to the specific breach, the investigation will involve a broader review of issues related to cloud-based identity and authentication infrastructure.
The incident involved state-backed hackers from China infiltrating government email accounts, including the inbox of U.S. Commerce Secretary Gina Raimondo and officials from the U.S. State Department. Microsoft disclosed that these hackers had illicitly obtained a sensitive signing key, thus enabling unauthorized access to enterprise and government email inboxes hosted by the company.
While the intrusions allegedly began in mid-May, they were not detected until a month later by State Department officials, who promptly notified Microsoft. The incident has since placed Microsoft under harsh scrutiny for its handling of the breach. As part of its effort to rectify the situation, the tech giant has agreed to provide logs to customers at no additional cost starting in September.
One Democratic lawmaker, Ron Wyden, has called for an investigation into whether Microsoft’s “lax cybersecurity practices” contributed to the breach. The incident has also prompted Homeland Security Secretary Alejandro Mayorkas to stress the importance of understanding vulnerabilities in cloud technologies to enhance cybersecurity.
In response to the increasing number of cyber threats faced by the United States, President Biden established the CSRB in 2021. The board’s primary objective is to review and analyze significant cybersecurity events, allowing them to provide recommendations aimed at preventing future incidents. Notable investigations conducted by the CSRB include the Log4j vulnerability in 2020 and recent attacks by the Lapsus$ hacking group.
With the CSRB’s involvement, the United States aims to address the recent breach, understand its implications, and prevent similar incidents from occurring in the future. By conducting a comprehensive review of cloud-based identity and authentication infrastructure, the CSRB hopes to bolster cybersecurity measures and safeguard sensitive government information.
“Zombie enthusiast. Subtly charming travel practitioner. Webaholic. Internet expert.”