US cyber body to review cloud computing safety, Microsoft breach | Reuters

US cyber body to review cloud computing safety, Microsoft breach
Reuters
August 11, 20235:43 PM GMT+1Updated 3 days ago



A man types into a keyboard during the Def Con hacker convention in Las Vegas
A man types into a keyboard during the Def Con hacker convention in Las Vegas, Nevada, U.S. on July 29, 2017. REUTERS/Steve Marcus/File Photo

WASHINGTON, Aug 11 (Reuters) - A U.S. cyber safety body will review issues relating to cloud-based identity and authentication infrastructure that will include an assessment of a recent Microsoft (MSFT.O) breach that led to the theft of emails from U.S. government agencies, the Department of Homeland Security (DHS) said on Friday.

The review by the Cyber Safety Review Board will look at the malicious targeting of cloud computing environments, the DHS said in a statement.

Advertisement · Scroll to continue
"Organizations of all kinds are increasingly reliant on cloud computing to deliver services to the American people, which makes it imperative that we understand the vulnerabilities of that technology," DHS Secretary Alejandro Mayorkas said in the statement.

The review comes after U.S. Senator Ron Wyden in July asked the Federal Trade Commission, the Cybersecurity and Infrastructure Security Agency and the Justice Department to "take action" against Microsoft following the hack.

Advertisement · Scroll to continue
Microsoft has been under increasing scrutiny following revelations that hackers allegedly operating on Beijing's behalf got hold of one of its cryptographic keys and took advantage of a coding flaw to gain sweeping access to the company's cloud email platform.

The Cyber Safety Review Board's review will provide recommendations to help organizations protect against malicious access to cloud-based accounts , DHS said.

Reporting by Jasper Ward in Washington and Ismail Shakil in Ottawa; editing by Jonathan Oatis