It seems Microsoft has made the right decision from its customers' point of view. Several years ago, Chinese authorities had hacked into more than a thousand Hotmail email accounts, targeting international leaders of China’s Tibetan and Uighur minorities in particular. At that time, Microsoft decided not to tell the victims about the hacking, which allowed the hackers to continue their campaign.
But according to a new statement by Microsoft spokesman Frank Shaw on Wednesday, Microsoft has changed its policy following a series of requests for comment from Reuters. The company has now decided to tell its email customers when it suspects there has been a government hacking attempt. Regarding the company’s earlier policy, Mr. Frank said that the company was not certain about the origin of the earlier Hotmail attacks that took place several years ago in May 2011. At that time, security firm Trend Micro Inc (4704.T) announced it had found an email sent to someone in Taiwan that contained a miniature computer program. More than thousands of people fell victim to the hack, and Microsoft patched the vulnerability before the security company announced its findings publicly.
For the first time, Microsoft confirmed that it had not called, emailed or otherwise told the Hotmail users that their electronic correspondence had been collected. In 2011, Microsoft also launched its own investigation, which found that some interception had begun in July 2009 and had compromised the emails of top Uighur and Tibetan leaders in multiple countries. The investigation found that some of the attacks came from a Chinese network known as AS4808, which has been associated with major spying campaigns, including a 2011 attack on EMC Corp's security division RSA that U.S. intelligence officials publicly attributed to China. However, Microsoft was not 100% sure that all of the attacks came from China; the company said some of them came from elsewhere.
Regarding the new policy, Microsoft said: “As the threat landscape has evolved our approach has too, and we'll now go beyond notification and guidance to specify if we reasonably believe the attacker is ‘state-sponsored’.”