In response to a major cybersecurity breach linked to Chinese hackers, Microsoft collaborates with CISA to expand access to critical tools for investigating cybersecurity incidents. The Cybersecurity and Infrastructure Security Agency (CISA) and Microsoft jointly announce the availability of free cloud logging capabilities for all government and commercial customers.
This move comes after several organizations affected by the hacking campaign targeting cloud-based email accounts were unable to detect the intrusion due to limited access to essential log data. Microsoft plans to offer detailed logs of email access and other critical log data to enhance incident response and digital forensics, helping organizations better understand cyber intrusions and unauthorized access.
CISA Director Jen Easterly praises Microsoft’s decision to make necessary log types accessible to the broader cybersecurity community without additional cost. The collaboration is deemed a positive step towards adopting Secure by Design principles across more companies, aiming to strengthen cybersecurity practices industry-wide. Microsoft’s decision to provide more extensive log data was influenced by the increasing frequency and evolution of nation-state cyberthreats, which underscore the importance of proactive security measures.
Logs offer a granular view of cyberattacks, revealing how different identities, applications, and devices access cloud services, which proves valuable in digital forensics and incident response, especially when investigating unauthorized access and impersonation attacks.
Microsoft’s move to expand cloud logging capabilities aligns with CISA’s call for the industry to improve protection against potential cyberattacks. This cooperative effort reflects Microsoft’s commitment to engaging with customers, partners, and regulators to address evolving security needs.
While CISA refrains from attributing the recent hack to China, the State Department shows confidence in Microsoft’s assessment, linking the attack to hackers associated with China’s government. The broader availability of critical log data empowers organizations to bolster their cybersecurity defenses, ultimately enhancing their ability to detect and prevent cyber threats.