By Jennifer LeClaire / Top Tech News. Updated December 31, 2015.
In what looks to be the last high-profile security story of the year, Microsoft has just announced that hackers aligned with government agencies may have tried to infiltrate its Hotmail property in China.
Microsoft vowed to warn users if there is any reason to believe their accounts have been “targeted or compromised by an individual or group working on behalf of a nation state.” Redmond changed its policy after a report by Reuters alleged that the company chose not to tell thousands of Hotmail users that their e-mail accounts had been hacked by government officials in China.
In 2011, Microsoft cybersecurity experts reportedly found evidence of attacks on Hotmail accounts used by human rights lawyers, diplomats in Japan and Africa, as well as Tibetan and Uighur leaders. according to Reuters. But instead of informing users that their accounts had been hacked, Microsoft just decided to ask affected users to change their passwords.
The company said it is also taking steps to identify and prevent unauthorized access to Outlook.com, OneDrive and other accounts. Facebook and Twitter recently announced similar moves, and Google has been on board with these warnings since 2012.
“We’re taking this additional step of specifically letting you know if we have evidence that the attacker may be ‘state-sponsored’ because it is likely that the attack could be more sophisticated or more sustained than attacks from cybercriminals and others,” Scott Charney, corporate vice president of Trustworthy Computing at Microsoft, wrote in a blog post. “These notifications do not mean that Microsoft’s own systems have in any way been compromised.”
Five Steps To Protect Yourself
Before you get too alarmed, getting a notification doesn’t mean your account has definitely been attacked. It just means there is evidence that you’ve been targeted and you need to take additional steps to secure your account, as well as check your computers for malware and software updates that can fix vulnerabilities.
“The evidence we collect in any active investigation may be sensitive, so we do not plan on providing detailed or specific information about the attackers or their methods,” Charney said. “But when the evidence reasonably suggests the attacker is ‘state-sponsored,’ we will say so.”
With that, Charney outlined five steps he said everyone should take to keep their Microsoft accounts and online identities secure. Those include:
1. Turn on Two-Step Verification
“This makes it harder for hackers to access your account even if they guess your password because if they try to sign in on a device Microsoft doesn’t recognize, we’ll ask for an extra security code, which you can get from a special app on your phone, sent to a different email address or via SMS text message,” Charney said.
2. Use a Strong Password
Charney recommends ensuring that your password contains a variety of numbers, letters, and symbols. Your password should not be a complete word and must be different from site to site so that if one account is compromised, other accounts remain secure. On top of this, Microsoft suggests changing your password frequently.
3. Watch Activity Carefully
“The ‘Recent Activity’ page on your Microsoft account shows recent sign-ins and changes to your account, and allows you to let Microsoft know if you were not the person making these changes,” Charney said.
4. Take Caution with E-Mails and Web sites
This is not new advice, but it still applies in 2016. Don’t open e-mails from unfamiliar senders or e-mail attachments that you don’t recognize, Charney said. And be careful when downloading apps or files from the Internet, and be sure you know the source.
5. Keep Software Up to Date
“For Windows PCs, you should turn on Windows Update to ensure your PC and Microsoft software stay up to date,” Charney said. “You should install a reputable anti-virus/ anti-malware software. Both Windows 8.1 and Windows 10 already include free anti-malware software called Windows Defender.”
A Warning for SMBs
We caught up with, Jon Crotty, principal analyst at Kaspersky Lab, to get a last word on security threats before we head into the new year. He told us in 2016, he expects to see a rise in cybercriminals targeting small to mid-size businesses (SMBs) that partner or do business directly with enterprises to infiltrate corporate IT environments.
“Those behind targeted attacks now spend less money and time creating new malware and technology by using existing programs and methods,” he said. “However, they still meticulously plan their attacks and analyze potential victims’ infrastructure to look for weak spots.”
In many cases, most SMBs do not have the time, cybersecurity knowledge or resources -- both financial and trained IT staff -- to combat cyberthreats, he said. For these reasons, cybercriminals look at SMBs as a potential weak spot to not only gain access to SMB assets, but to get at enterprises that are becoming even more strategic with cybersecurity initiatives, he added.
“As a result, it is important for organizations of all sizes to invest in a multi-layered cybersecurity strategy and work closely with vendors that transform leading security intelligence into real protection for businesses,” Crotty said.