Microsoft unveiled a revised policy to inform users when it believes an account has been targeted by state-sponsored hackers.
“We already notify users if we believe their accounts have been targeted or compromised by a third party, and we provide guidance on measures users can take to keep their accounts secure. We're taking this additional step of specifically letting you know if we have evidence that the attacker may be ‘state-sponsored' because it is likely that the attack could be more sophisticated or more sustained than attacks from cybercriminals and others,” wrote Scott Charney, corporate vice president of trustworthy computing, in a blog post Wednesday.
The policy may also have been spurred by a Reuters report that the software giant knew Chinese hackers were targeting leaders of China's Tibetan and Uighur minorities, and chose not to inform the targets.
Microsoft disputes this report. “We weighed several factors in responding to this incident, including the fact that neither Microsoft nor the U.S. Government were able to identify the source of the attacks, which did not come from any single country,” a Microsoft representative wrote, in a statement obtained by SCMagazine.com. “We also considered the potential impact on any subsequent investigation and ongoing measures we were taking to prevent potential future attacks.”
China's legislature approved a sweeping anti-terror law this week that US officials and enterprise groups opposed out of a concern that China would use the law to gain information unrelated to terrorist investigations.
State-sponsored surveillance and hacking attempts of political opponents – and sometimes allies – have proliferated, and not only in China. The National Security Agency has been involved in profiling leaders of the #BlackLivesMatter movement, according to documents obtained by a Freedom of Information Act request. It was also revealed that the NSA surveilled conversations between members of Congress and foreign heads of state, including Israeli Prime Minister Benjamin Netanyahu.
“The evidence we collect in any active investigation may be sensitive, so we do not plan on providing detailed or specific information about the attackers or their methods, Charney wrote on the Microsoft blog. “But when the evidence reasonably suggests the attacker is ‘state sponsored,' we will say so.”