Microsoft Subnet An independent Microsoft community View more

Hackers give Microsoft a second black eye, vow to deliver digital dirt on spying

The SEA hacked Microsoft's official blog, verified Twitter accounts, published internal emails about the hack, claiming they had access all week. The hackers promised to publish documents proving that Microsoft spies on email for governments.

Since there's very little to say about the first Patch Tuesday of 2014, only four bulletins issued and no security updates marked as critical, then let's look at a security story fueled by a big hate for Microsoft's alleged surveillance.

2014 kicked off with the Syrian Electronic Army hacking Skype social media accounts. The hijacked Twitter, Facebook and Skype blog accounts warned that Microsoft was "spying on people" and "Don't use Microsoft emails (Hotmail, Outlook), They are monitoring your accounts and selling the data to the governments."

10 days later, on Saturday January 11, SEA went after Microsoft directly this time, taking over verified Twitter accounts belonging to Microsoft News and Xbox Support, the official Microsoft blog on TechNet, and Microsoft's Instagram account. The Syrian hackers told Softpedia that the Microsoft "accounts were 'hacked all week.' They say this is only the beginning and that they have access to Microsoft email accounts."

In fact, SEA tweeted several screenshots of internal Microsoft emails discussing the attack, including this one purportedly from Steve Clayton, Creative Director at Microsoft:

Meanwhile, another alleged urgent email about the hack stated (in part): "So far, our MSCOM sites appear to be ok, but I'm wondering if we can/should check on microsoft.com to ensure this doesn't become more widespread and that MSCOM sites don't become targets....How can we be proactive and help ensure MSCOM is safe and also support efforts by CorpSec in a case like this?"

Well, if the tweet below is true, then one thing Microsoft might consider doing is forcing stronger passwords . . . or move to biometric authentication to replace passwords altogether. After Skype social media accounts were hacked, a Microsoft employee supposedly wanted to make a stronger password. Sadly, according to the SEA, he changed the password from Microsoft2 to Microsoft3.

Regarding the briefly defaced Microsoft blog, some folks said it was redirecting to the SEA's site. SEA tweeted this screenshot of the defacement to prove the hack.

Microsoft confirmed to Mashable that it had taken down all TechNet blogs following the cyberattack. "After a review, we determined that the Official Microsoft Blog was the only blog impacted and we restored all TechNet blogs."

Microsoft issued several statements: "Microsoft is aware of targeted cyberattacks that temporarily affected the Xbox Support and Microsoft News Twitter accounts. The accounts were quickly reset and we can confirm that no customer information was compromised."

Another Microsoft spokesman stated: "We're actively investigating issues and are focused on protecting our employees and corporate network. Microsoft is sometimes obligated to comply with legal orders from governments around the world and provides customer data only in response to specific, targeted, legal demands."

Here's the deal though, like the NSA, which still doesn't know what all documents Edward Snowden made off with, and issues some statements that it later must retract (spin differently), could the pro-Assad hackers really have digital dirt on Microsoft that would dispute the statements about "sometimes obligated to comply with legal orders from governments"?

An SEA member going by the alias of "Syrian Eagle" told Mashable:

Microsoft is monitoring emails accounts and selling the data for the American intelligence and other governments.

And we will publish more details and documents that prove it.

Microsoft is not our enemy but what they are doing affected the SEA.

One of the hijacked @MSFTNews tweets about a "leak" was pure trolling. It claimed the top two visited links from Internet Explorer were Chrome and Firefox. Another tweet repeated the warning issued during the Skype brand hack, "Don't use Microsoft emails(hotmail,outlook),They are monitoring your accounts and selling the data to the governments."

To "prove" having control of Xbox on Instagram, the hackers tweeted this:

Like the other hijacked accounts, Xbox Support regained control after 45 minutes and deleted the following tweets.

If the Skype hack gave Microsoft a black eye, then the Redmond giant now has two . . . with more supposedly on the way according to SEA.

But Microsoft is just the latest in a series of big brands targeted by the Syrian hackers. In the past, SEA targeted and delivered digital drop kicks to The New York Times, Huffington Post, Associated Press, Reuters, Twitter, the Washington Post, BBC, and the Guardian to name but a few of the attackers' victims.

Like this? Here's more posts:

Follow me on Twitter @PrivacyFanatic

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.
Must read: Hidden Cause of Slow Internet and how to fix it
Notice to our Readers
We're now using social media to take your comments and feedback. Learn more about this here.