Microsoft warns thousands that they are victims of state-sponsored hacking

Microsoft has revealed that it has issued warnings to nearly 10,000 people that they are the targets or victims of state-sponsored hacking.

The announcement comes as Microsoft showcases election systems running Microsoft ElectionGuard which not only helps to increase security, but also makes voting more accessible. Microsoft reveals that the vast majority of the state-sponsored attacks targeted enterprise customers, but there were still a significant number of regular consumers affected.

See also:

• German schools ban Microsoft Office 365 because of privacy concerns
• Microsoft blocks Surface Book 2 owners from upgrading to Windows 10 1903
• Microsoft backtracks on plans to scrap free software licenses for partners

Microsoft's Corporate Vice President of Customer Security and Trust, Tom Burt, says: "In the past year, Microsoft has notified nearly 10,000 customers they’ve been targeted or compromised by nation-state attacks. About 84 percent of these attacks targeted our enterprise customers, and about 16 percent targeted consumer personal email accounts. While many of these attacks are unrelated to the democratic process, this data demonstrates the significant extent to which nation-states continue to rely on cyberattacks as a tool to gain intelligence, influence geopolitics or achieve other objectives".

He goes on to explain that most of the attacks come from the usual suspects:

The majority of nation-state activity in this period originated from actors in three countries -- Iran, North Korea and Russia. We have seen extensive activity from the actors we call Holmium and Mercury operating from Iran, Thallium operating from North Korea, and two actors operating from Russia we call Yttrium and Strontium. This data has been compiled by the Microsoft Threat Intelligence Center which works every day to track these global threats. We build this intelligence into our security products to protect customers and use it in support of our efforts to disrupt threat actor activities through direct legal action or in collaboration with law enforcement. But let’s be clear -- cyberattacks continue to be a significant tool and weapon wielded in cyberspace. In some instances, those attacks appear to be related to ongoing efforts to attack the democratic process.

Microsoft says that it is keen to protect the democratic process, hence its development of ElectionGuard. The system allows for verifiable voting while maintaining privacy and security through encryption.

While there are no plans for the distribution of commercial voting systems, Microsoft says:

ElectionGuard is free and open-source and will be available through GitHub as an SDK later this summer. This week’s demo is simply one sample of the many ways ElectionGuard can be used to improve voting, and the final SDK will also enable features like Risk Limiting Audits to compare ballots with ballot counts and other post-election audits.

The company also recognizes the work done by the likes of Twitter, Facebook and Google.