News

Chinese email hack only detectable with the most expensive Microsoft subscription

Security Parrot Editorial Team

Biden Administration Questions Microsoft’s Cloud Computing Services

The Biden administration is questioning Microsoft’s cloud computing services after the Chinese email hack was discovered. The tech giant places detection tools behind a paywall, so that the hack could take place unnoticed.

Microsoft’s Subscription Packages

Microsoft offers various subscription packages for its cloud computing services. According to CISA, the US federal agency responsible for cybersecurity, the Chinese email hack could only be detected with tools from Microsoft’s most expensive subscription. That’s package E5 from the Microsoft 365 offering and costs about 60 percent more than the basic security tools package (E3).

Biden Administration Intervenes

The federal agency is calling on the Biden administration to intervene: “Any organization using a technology service like Microsoft 365 should have out-of-the-box access to logging and other security data to reasonably detect dangerous cyberactivity.”
A source involved in the matter told The Wall Street Journal that Microsoft was under investigation. That investigation examines whether the tech giant did meet the cybersecurity requirements for cloud providers.
At Microsoft, they certainly want to look at the possibilities: “We are evaluating the feedback and are open to other models,” a Microsoft spokesperson said Thursday.

Delayed Reaction

The email hack is said to have been active since May. In June, the US State Department detected suspicious activity through E5’s detection tools. The department notified Microsoft, which was then able to locate and notify affected organizations.
This waterfall system, in which the information moves from organization to organization, naturally causes enormous delays in combating such hacks.
The Biden administration is now questioning whether Microsoft should change its cloud computing services. The tech giant places detection tools behind a paywall, which could have allowed the Chinese email hack to take place unnoticed.
Microsoft offers various subscription packages for its cloud computing services. According to CISA, the US federal agency responsible for cybersecurity, the Chinese email hack could only be detected with tools from Microsoft’s most expensive subscription. That’s package E5 from the Microsoft 365 offering and costs about 60 percent more than the basic security tools package (E3).
The federal agency is calling on the Biden administration to intervene and make changes to the subscription packages. “Any organization using a technology service like Microsoft 365 should have out-of-the-box access to logging and other security data to reasonably detect dangerous cyberactivity.”
Microsoft is open to making changes. A Microsoft spokesperson said, “We are evaluating the feedback and are open to other models.”
The email hack is said to have been active since May. In June, the US State Department detected suspicious activity through E5’s detection tools. The department notified Microsoft, which was then able to locate and notify affected organizations.
This waterfall system, in which the information moves from organization to organization, naturally causes enormous delays in combating such hacks. The Biden administration is now questioning whether Microsoft should change its cloud computing services to better detect and prevent such hacks.

Weekly Updates For Our Loyal Readers!

Share this Article
Lost your password?