Microsoft will start informing users if it suspects attackers associated with government agencies are hacking their email or file-storage devices. The company's new policy is similar to those by Facebook, Google, and Twitter, which have warned users of possible state-sponsored attacks since 2012. However, these providers do not specify which countries they believed were responsible. Microsoft said that this change involves unauthorised access to Outlook email service and OneDrive file storage system.
The new policy comes after a report by Reuters a few days ago which said that the company didn’t warn its users of a hacking campaign by Chinese authorities in 2011. According to the report, the attackers had hacked into a thousand Hotmail accounts and targeted international leaders of China’s Tibetan and Uighur minorities.
Scott Charney, Corporate Vice President, Trustworthy Computing wrote in a blog post, “We already notify users if we believe their accounts have been targeted or compromised by a third party, and we provide guidance on measures users can take to keep their accounts secure. We’re taking this additional step of specifically letting you know if we have evidence that the attacker may be ‘state-sponsored’ because it is likely that the attack could be more sophisticated or more sustained than attacks from cybercriminals and others. These notifications do not mean that Microsoft’s own systems have in any way been compromised.”
Last month, it was reported that Islamic State militants hacked over 54,000 Twitter accounts and published personal details including passwords. They had also posted the phone numbers of the heads of CIA, FBI, and NSA online. The hack was conducted by a group calling itself ‘Cyber Caliphate’ and encouraged users to seize control of these accounts and spread ISIS propaganda. Hacker group Anonymous declared war on ISIS after the terrorist attacks in Paris.