Dear Visitor,

Our system has found that you are using an ad-blocking browser add-on.

We just wanted to let you know that our site content is, of course, available to you absolutely free of charge.

Our ads are the only way we have to be able to bring you the latest high-quality content, which is written by professional journalists, with the help of editors, graphic designers, and our site production and I.T. staff, as well as many other talented people who work around the clock for this site.

So, we ask you to add this site to your Ad Blocker’s "white list" or to simply disable your Ad Blocker while visiting this site.

Continue on this site freely
  HOME     MENU     SEARCH     NEWSLETTER    
CUSTOMER RELATIONSHIP MANAGEMENT NEWS. UPDATED 14 MINUTES AGO.
You are here: Home / Customer Data / MS To Warn You About Govt Hacking
Microsoft To Warn You About State-Sponsored Hacking
Microsoft To Warn You About State-Sponsored Hacking
By Jennifer LeClaire / CRM Daily Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
PUBLISHED:
DECEMBER
31
2015
In what looks to be the last high-profile security story of the year, Microsoft has just announced that hackers aligned with government agencies may have tried to infiltrate its Hotmail property in China.

Microsoft vowed to warn users if there is any reason to believe their accounts have been “targeted or compromised by an individual or group working on behalf of a nation state.” Redmond changed its policy after a report by Reuters alleged that the company chose not to tell thousands of Hotmail users that their e-mail accounts had been hacked by government officials in China.

In 2011, Microsoft cybersecurity experts reportedly found evidence of attacks on Hotmail accounts used by human rights lawyers, diplomats in Japan and Africa, as well as Tibetan and Uighur leaders. according to Reuters. But instead of informing users that their accounts had been hacked, Microsoft just decided to ask affected users to change their passwords.

The company said it is also taking steps to identify and prevent unauthorized access to Outlook.com, OneDrive and other accounts. Facebook and Twitter recently announced similar moves, and Google has been on board with these warnings since 2012.

“We’re taking this additional step of specifically letting you know if we have evidence that the attacker may be ‘state-sponsored’ because it is likely that the attack could be more sophisticated or more sustained than attacks from cybercriminals and others,” Scott Charney, corporate vice president of Trustworthy Computing at Microsoft, wrote in a blog post. “These notifications do not mean that Microsoft’s own systems have in any way been compromised.”

Five Steps To Protect Yourself

Before you get too alarmed, getting a notification doesn’t mean your account has definitely been attacked. It just means there is evidence that you’ve been targeted and you need to take additional steps to secure your account, as well as check your computers for malware and software updates that can fix vulnerabilities.

“The evidence we collect in any active investigation may be sensitive, so we do not plan on providing detailed or specific information about the attackers or their methods,” Charney said. “But when the evidence reasonably suggests the attacker is ‘state-sponsored,’ we will say so.”

With that, Charney outlined five steps he said everyone should take to keep their Microsoft accounts and online identities secure. Those include:

1. Turn on Two-Step Verification

“This makes it harder for hackers to access your account even if they guess your password because if they try to sign in on a device Microsoft doesn’t recognize, we’ll ask for an extra security code, which you can get from a special app on your phone, sent to a different email address or via SMS text message,” Charney said.

2. Use a Strong Password

Charney recommends ensuring that your password contains a variety of numbers, letters, and symbols. Your password should not be a complete word and must be different from site to site so that if one account is compromised, other accounts remain secure. On top of this, Microsoft suggests changing your password frequently.

3. Watch Activity Carefully

“The ‘Recent Activity’ page on your Microsoft account shows recent sign-ins and changes to your account, and allows you to let Microsoft know if you were not the person making these changes,” Charney said.

4. Take Caution with E-Mails and Web sites

This is not new advice, but it still applies in 2016. Don’t open e-mails from unfamiliar senders or e-mail attachments that you don’t recognize, Charney said. And be careful when downloading apps or files from the Internet, and be sure you know the source.

5. Keep Software Up to Date

“For Windows PCs, you should turn on Windows Update to ensure your PC and Microsoft software stay up to date,” Charney said. “You should install a reputable anti-virus/ anti-malware software. Both Windows 8.1 and Windows 10 already include free anti-malware software called Windows Defender.”

A Warning for SMBs

We caught up with, Jon Crotty, principal analyst at Kaspersky Lab, to get a last word on security threats before we head into the new year. He told us in 2016, he expects to see a rise in cybercriminals targeting small to mid-size businesses (SMBs) that partner or do business directly with enterprises to infiltrate corporate IT environments.

“Those behind targeted attacks now spend less money and time creating new malware and technology by using existing programs and methods,” he said. “However, they still meticulously plan their attacks and analyze potential victims’ infrastructure to look for weak spots.”

In many cases, most SMBs do not have the time, cybersecurity knowledge or resources -- both financial and trained IT staff -- to combat cyberthreats, he said. For these reasons, cybercriminals look at SMBs as a potential weak spot to not only gain access to SMB assets, but to get at enterprises that are becoming even more strategic with cybersecurity initiatives, he added.

“As a result, it is important for organizations of all sizes to invest in a multi-layered cybersecurity strategy and work closely with vendors that transform leading security intelligence into real protection for businesses,” Crotty said.

Tell Us What You Think
Comment:

Name:

MS NSA:
Posted: 2016-01-01 @ 4:47pm PT
Microsoft never warned us about the NSA...hmmm

CTO:
Posted: 2016-01-01 @ 2:49am PT
Microsoft To Warn You About State-Sponsored Hacking... Do you mean any State or only Chinese and similar States?

John:
Posted: 2016-01-01 @ 2:24am PT
An auto erase of credit card details when an online transaction has been approved would help. Some well known companies appear to store CC info.

Like Us on FacebookFollow Us on Twitter
MORE IN CUSTOMER DATA

NETWORK SECURITY SPOTLIGHT
China-based Vivo will be the first company to come out with a smartphone featuring an in-display sensor for fingerprint security, beating Apple, Samsung, and other device makers to the punch.

CRM DAILY
NEWSFACTOR NETWORK SITES
NEWSFACTOR SERVICES
© Copyright 2017 NewsFactor Network. All rights reserved. Member of Accuserve Ad Network.