This hot July in the American cybersecurity sphere will be remembered for more high-profile data leaks, as well as new White House initiatives on the labeling of gadgets.
Recently, a statement by Microsoft's Cyber Threat Research Group was widely circulated in the media, claiming that Chinese hackers had hacked into at least two dozen resources of U.S. organizations, including several federal agencies such as the State Department and the U.S. Department of Commerce.
The hackers reportedly targeted the email accounts of individual government employees, and the total number of hacked government email accounts was "small." The hackers held forged authentication tokens that potentially provided very broad access, but used them selectively against specific targets. China has officially denied the claims and in turn accused the U.S. government of conducting its own aggressive hacking campaigns.
Experts say the attack originated from a stolen signing key for Microsoft user accounts, which was used to forge authentication tokens. The attacks appear to have been carried out using Outlook Web Access (OWA) and Outlook.com to access email. Microsoft said it has blocked all forged tokens and replaced the key. These actions should neutralize any further potential malicious activity.
It is noted that the cybercriminals could work undetected for about a month, and there were also signs that during this time they managed to exfiltrate a certain amount of data. Exactly what kind of data is not mentioned. The reasons are clear: the leak is already very serious, and disclosing its details would cause an even greater stir.
Experts believe the problem may have been that detecting the hackers' actions required an advanced data logging feature available only through a paid premium subscription from Microsoft, which not all U.S. agencies have.
Industry representatives also note the corporation's interest in conducting a detailed investigation, which is explained by a number of factors. Microsoft is not going through the best of times today. Like other American IT companies, it is actively winding down projects and also cutting staff: in addition to the 10,000 job cuts announced in January, the company recently announced a new series of layoffs.
In addition to financial problems, the corporation also has to fend off reputational attacks. In July, a group of hackers calling themselves "Anonymous Sudan" claimed to possess 30 million Microsoft accounts available for sale for $50,000 through a Telegram bot.
The company itself categorically denies that the data leak took place. Fraudsters quite often sell fake or outdated databases online, exploiting the fact that a database's authenticity can be checked only by buying it.
However, the aforementioned group has previously carried out a number of successful DDoS attacks, and has recently been involved in attacks on European banking systems. This indicates a high probability that the database is genuine, and also hurts Microsoft's reputation.
Meanwhile, the White House has decided to get busy with labeling. According to the U.S. government, the new labeling will help consumers choose smart devices and fitness trackers, which, according to the Biden administration, are relatively protected from cyberattacks.
The ingenious idea was announced on July 18. Internet-connected devices such as refrigerators, televisions, microwave ovens and fitness trackers are expected to have a Cyber Trust Mark shield if they meet cybersecurity requirements set by the federal government. The program is scheduled to launch as early as next year.
To get the U.S. cybersecurity mark, companies will have to follow standards set by the National Institute of Standards and Technology (NIST), such as requiring strong passwords and software updates.
I would like to be wrong in my prediction, but it seems that this initiative is a continuation of the White House's long-standing attempts to step on China's toes. If not step, then at least stomp loudly, so it will not be surprising if Chinese goods do not receive such labeling, or if they do, but in very small quantities.
This is unlikely to change the position of Chinese manufacturers in the American market (remember the TikTok case, which has been fought for over a year while the app's popularity only grows), and certainly will not reduce the number of cyberattacks. Moreover, many of them seem to be caused by human error. But such a strategy is very much in line with U.S. policy, which is aimed at containing China in a variety of areas.
The White House can't completely break off the relationship because there are too many issues that need to be resolved together, so they have to, for example, send honored foreign policy veterans (like John Kerry) to the climate talks.
But, as the practice of U.S.-whatever relations shows, if all is well on stage, it means that some further political or economic mischief is being prepared behind the scenes. Time will tell whether the labeling story will be aimed at these goals, but we can say for sure that initiatives to push Chinese manufacturers out of the U.S. market will continue.