Home > Web > Microsoft latest firm to notify users of…

Microsoft latest firm to notify users of state-sponsored hacks

Falling in line with other tech firms, Microsoft says it’ll also start warning users of its Web-based email service of any suspected state-sponsored hacks on their accounts.

The company has been issuing alerts about potential security breaches for the last two years, though the warnings have never offered any detailed information as to who might be behind the attacks. That’s now changing.

“As the threat landscape has evolved, our approach has too, and we’ll now go beyond notification and guidance to specify if we reasonably believe the attacker is ‘state-sponsored’,” Microsoft said in a statement to Reuters outlining its new alert procedure.

The computer giant said the alerts will go to users of Outlook.com, the Web-based email service that emerged from Microsoft’s old Hotmail interface.

Related: China’s shadowy cyber-warfare capabilities unmasked in official report

The move by Microsoft follows similar action taken in recent months by the likes of Facebook, Twitter, and most recently Yahoo.

Google, meanwhile, has been issuing such warnings to Gmail users for the last three years. Asked how it knows whether a hack is the work of a government-backed agent or some guy in his pajamas working out of his bedroom (couldn’t they be the same person?), a spokesperson for the Mountain View company said “detailed analysis and victim reports” often pointed to the perpetrators, adding that he couldn’t give more specific information on its procedures “without giving away information that would be helpful” to the hackers.

Related: Has the rate of Chinese cyberattacks really gone down?

Several former Microsoft employees told Reuters that known attacks carried out on Hotmail users several years ago “targeted diplomats, media workers, human rights lawyers, and others in sensitive positions inside China,” indicating the kind of people likely to be of interest to state-sponsored actors and who could therefore reasonably expect to receive one of these specialized alerts somewhere down the road.

Such warnings usually come with a recommended plan of action, such as using a more sophisticated password, enabling two-step verification if it hasn’t already been set up, and using up-to-date anti-virus software.

The move by Microsoft and others to warn of suspected state-sponsored hacks follows recent discussions between President Obama and Chinese president Xi Jinping on the issue of espionage in cyberspace, with Obama cautiously optimistic that an effective solution can eventually be found.