Microsoft Vows to Revamp Security Products After Repeated Hacks

Microsoft Corp., battered for its role in several major hacks, said it’s revamping the way it provides cybersecurity protection, using artificial intelligence and other methods to speed the company’s response to vulnerabilities and better protect customers.

| Updated on: Nov 03 2023, 06:23 IST
From Dell Inspiron laptop to Microsoft New Surface laptop 5, check massive discounts on Amazon
image caption
1/5 Dell Inspiron 15-inch Laptop: Currently the Dell Inspiron 15-inch Laptop is available on Amazon with a 54% initial discount making its price drop to Rs. 39400 from Rs. 85000. This laptop's Intel i3-1115G4 processor and 8 GB of RAM allow seamless multitasking. Its 512GB SSD offers plenty of storage, and the FHD screen delivers excellent images. (Amazon)
image caption
2/5 Apple 2023 MacBook Air: Amazon is offering a 6% initial discount on this Apple MacBook which has reduced its price to Rs. 126990 from Rs.134900. The 15-inch MacBook Air comes with an M2 chip to provide you with the fastest performance. It comes with up to 18 hours of battery life. (Amazon)
image caption
3/5 Dell Inspiron 3520 Laptop: On Amazon, you can get the Dell Inspiron 3520 Laptop for just Rs. 57500 making its price drop to Rs. 85000 with a 32% initial discount. The laptop features 12th generation Intel Core processors combined with PCIe SSD storage. Dell's ExpressCharge technology allows you to recharge your battery to 80% in just 60 minutes.  (Amazon)
image caption
4/5 Microsoft Surface Laptop 4: Currently Amazon is offering a 37% initial discount on Microsoft Surface Laptop 4 making its price fall to Rs. 84990 from Rs. 134990.  This genuine Microsoft Surface laptop comes with a 1-year limited hardware warranty from Microsoft covering manufacturing defects and not covering physical damage. It also features an AMD RyzenTM 7 4980U processor and AMD RadeonTM RX Vega 11 Graphics. (Amazon)
Microsoft cybersecurity
5/5 Microsoft New Surface Laptop5: The Microsoft New Surface Laptop5 is currently available on Amazon for just Rs. 188999. It features powerful 12th Gen Intel Core i7 processors built on the Intel Evo platform to perform multi-tasking.   (Amazon)
Microsoft cybersecurity
icon View all Images
In a blog post, three Microsoft executives said they “have put significant thought into how we should anticipate and adapt to the increasingly more sophisticated cyberthreats.” (REUTERS)

Microsoft Corp., battered for its role in several major hacks, said it's revamping the way it provides cybersecurity protection, using artificial intelligence and other methods to speed the company's response to vulnerabilities and better protect customers.

In a blog post, three Microsoft executives said they “have put significant thought into how we should anticipate and adapt to the increasingly more sophisticated cyberthreats.” The result is a commitment to three areas of engineering advancement: “transforming” software development, implementing new identity protections and driving faster vulnerability response, they wrote.

“In recent months, we've concluded within Microsoft that the increasing speed, scale, and sophistication of cyberattacks call for a new response,” President Brad Smith wrote in a separate posting. “This new initiative will bring together every part of Microsoft to advance cybersecurity protection.”

We are now on WhatsApp. Click to join.

While Microsoft is primarily known for its software products for corporations and consumers, the Redmond, Washington-based company has emerged as the biggest provider of cybersecurity products in recent years, a business that has grown to about $20 billion a year. At the same time, Microsoft remains a frequent target of critics, who complain that its software is prone to flaws, making it a frequent target for criminal and nation-state hackers.

Those problems resurfaced earlier this year, when hackers used a stolen consumer signing key to forge authentication tokens, which are meant to verify a user's identity. They then accessed user email from about 25 organizations, including US government agencies. Among the victims was US Commerce Secretary Gina Raimondo and State Department officials, whose emails were accessed just ahead of a meeting between US Secretary of State Antony Blinken and Chinese President Xi Jinping. Microsoft tied the hackers to China.

US Senator Ron Wyden wrote a blistering letter on July 27 about the lapse, calling for an investigation, and shortly thereafter, a government-led cybersecurity advisory panel opened a probe into the risks of cloud computing, which includes a look into Microsoft's role in the email hack.

“Government emails were stolen because Microsoft committed another error,” Wyden, a Democrat from Oregon, said in his letter. “Microsoft should not have had a single skeleton key that, when inevitably stolen, could be used to forge access to different customers' private communications.”

Amit Yoran, the chief executive officer of the cybersecurity company Tenable Holdings Inc., also criticized Microsoft, saying on LinkedIn in August that the company's “lack of transparency applies to breaches, irresponsible security practices and to vulnerabilities, all of which expose their customers to risks they are deliberately kept in the dark about.”

Microsoft's announcement, called the Secure Future Initiative, comes after the federal government has indicated that it expects software makers to take more responsibility for securing their products. In February, for instance, Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency, said bad software and unsafe practices are facilitating ransomware attacks, and she said the adoption of some of Microsoft's and Twitter's security protocols such as two-factor authentication was disappointing.

And, on Monday, the US Securities and Exchange Commission filed a lawsuit against Texas-based SolarWinds Corp., alleging the company defrauded investors by downplaying security risks ahead of a hack of its software. In that cyberattack, which became public in December 2020, Russian state-sponsored hackers inserted malware into an update for a popular SolarWinds software product, creating a digital backdoor when customers downloaded it.

The hackers used that backdoor to further infiltrate about 100 organizations, including US government agencies, according to the SEC. The lesson of the SEC suit was that security professionals shouldn't sugarcoat problems that they are seeing and be more transparent about them, Michael Coates, chief information security officer at CoinList and a former security head at Twitter, told Bloomberg News.

Microsoft's Smith said the company is committed to building an AI-based cyber shield to protect customers and countries around the world. 

“One reason these AI advances are so important is because of their ability to address one of the world's most pressing cybersecurity challenges,” he wrote. “Ubiquitous devices and constant internet connections have created a vast sea of digital data.”

“But AI is a game changer,” he said.

In addition, Microsoft said it will use AI-powered analysis and other measures to audit and secure code against advanced threats, and it vowed to strengthen identity protection at a time when password attacks have increased and hackers have developed more sophisticated methods to steal and use login credentials. As part of the latter initiative, Microsoft said it would migrate to a “new and fully automated consumer and enterprise key management system with an architecture designed to ensure that keys remain inaccessible even when underlying processes may be corrupted.”

In her criticism of Microsoft earlier this year, Easterly said that Microsoft needs to “recapture the ethos” of what company co-founder Bill Gates called “trustworthy computing” in 2002. At that time, Microsoft was reeling from computer worms, and Gates wrote a memo ordering software developers to prioritize security. “We can and must do better,” he wrote.

One more thing! HT Tech is now on WhatsApp Channels! Follow us by clicking the link so you never miss any update from the world of technology. Click here to join now!


Follow HT Tech for the latest tech news and reviews , also keep up with us on Whatsapp channel,Twitter, Facebook, Google News, and Instagram. For our latest videos, subscribe to our YouTube channel.

First Published Date: 03 Nov, 06:22 IST