Industry

Microsoft to warn e-mail users on suspected hacking by a govt.

The policy change at the world’s largest software company follows similar moves since October by Internet giants Facebook Inc., Twitter Inc and most recently Yahoo Inc.

Microsoft Corp said it would begin warning users of its Outlook.com email service when the company suspects that a government has been trying to hack into their accounts.

Microsoft told Reuters about the plan in a statement. It comes nine days after Reuters asked the company why it had decided not tell victims of a hacking campaign, discovered in 2011, that had targeted international leaders of China's Tibetan and Uighur minorities in particular.

According to two former employees of Microsoft, the company’s own experts had concluded several years ago that Chinese authorities had been behind the campaign but the company did not pass on that information to users of its Hotmail service, which is now called Outlook.com.

In its statement, Microsoft said neither it nor the U.S. government could pinpoint the sources of the hacking attacks and that they didn’t come from a single country.

The policy change at the world’s largest software company follows similar moves since October by Internet giants Facebook Inc., Twitter Inc and most recently Yahoo Inc.

Google Inc. pioneered the practice in 2012 and said it now alerts tens of thousands of users every few months.

For two years, Microsoft has offered alerts about potential security breaches without specifying the likely suspect. In the statement, Microsoft said: “As the threat landscape has evolved our approach has too, and we’ll now go beyond notification and guidance to specify if we reasonably believe the attacker is ‘state-sponsored’.”

Microsoft declined to say what role, if any, the Hotmail hacking campaign played in its policy change.

The Hotmail attacks had also targeted diplomats, media workers, human rights lawyers, and others in sensitive positions inside China, according to the former employees.

Microsoft had told the targets to reset their passwords but did not tell them that they had been hacked. Five victims interviewed by Reuters said they had not taken the password request as an indication of hacking.

Online free-speech activists and security experts have long called for more direct warnings, saying that they prompt behavioral changes from email users.

A letter from the Editor


Dear reader,

We have been keeping you up-to-date with information on the developments in India and the world that have a bearing on our health and wellbeing, our lives and livelihoods, during these difficult times. To enable wide dissemination of news that is in public interest, we have increased the number of articles that can be read free, and extended free trial periods. However, we have a request for those who can afford to subscribe: please do. As we fight disinformation and misinformation, and keep apace with the happenings, we need to commit greater resources to news gathering operations. We promise to deliver quality journalism that stays away from vested interest and political propaganda.

Support Quality Journalism
Recommended for you
This article is closed for comments.
Please Email the Editor

Printable version | May 31, 2020 4:17:29 PM | https://www.thehindu.com/business/Industry/Microsoft-to-warn-e-mail-users-on-suspected-hacking-by-a-govt./article13973342.ece

Next Story