After basically the whole #Microsoft #Azure cloud was hacked (see list of related sources on https://karl-voit.at/cloud/ ), the first follow-up incidents went public caused by missing containment actions:

60,000 emails were stolen from 10 #USA #StateDepartment accounts
https://www.reuters.com/world/us/chinese-hackers-stole-60000-emails-us-state-department-microsoft-hack-senate-2023-09-27/

If you didn't understand until now: basically EVERYTHING at Microsoft got hacked and Microsoft can't (or won't) get rid of the intruders. Everything authenticated by Microsoft is tainted. Even #Windows auth.

@publicvoit many years ago (the 90s), if you were online you assumed everything you said and did was getting scraped by the NSA/Americans. I don't think much has changed. If you want to keep something private, try to keep it off the web.

It is safe to assume (big) nation states have access to everything, or if not, hoover up everything they can and will have access soon enough.

@roomey Well, I somewhat disagree here.

If you assumed state actors, especially USA state actors, you may be right.

However, now it's some hacker group that can share their knowledge with anybody. So the potential group of attackers is now extended to basically anybody who somehow was able to get in touch with the hackers who hacked Microsoft.

That's a totally different game now.

Furthermore, it's not only privacy that's in danger here. It's the whole set of https://en.wikipedia.org/wiki/Information_security#Key_concepts

@publicvoit it was my understanding that this "hacking group" _was_ nation state.

Either way, the rest of your comment here is correct in terms of what's at risk. Best to assume compromise at some level.

@roomey Attribution is extremely difficult.

Some say it's the Chinese.

But at that level, any hacker group (state or non-state) is able to fake attribution hints of any sort.

So we basically have no clue who did that and furthermore, who was given access to the special backdoors after.