Microsoft has scaled back some Chinese companies’ access to its early warning system for cyber security vulnerabilities following speculation that Beijing was involved in a hacking campaign against the company’s widely used SharePoint servers.
The vendor announced that several Chinese firms would no longer receive “proof-of-concept code,” which mimics the operation of genuine malicious software.
Proof-of-concept code can help cyber security professionals seeking to harden their systems in a hurry, but it can also be repurposed by hackers to get a jump start on the defenders.
The new restrictions come in the wake of last month’s sweeping hacking attempts against Microsoft SharePoint servers, at least some of which Microsoft and others have blamed on Beijing.
That raised suspicions among several cybersecurity experts that there was a leak in the Microsoft Active Protections Program (MAPP), which Microsoft uses to help security vendors worldwide, including in China, to learn about cyber threats before the general public so they can better defend against hackers.
Beijing has denied involvement in any SharePoint hacking.
Microsoft notified members of the MAPP program of the SharePoint vulnerabilities on June 24, July 3 and July 7.
Microsoft said it first observed exploitation attempts on July 7.
As such, the timing led some experts to allege that the likeliest scenario for the sudden explosion in hacking attempts was due to a rogue member of the MAPP program misusing the information.
The vendor added that it was aware that the information it provided its partners could be exploited, “which is why we take steps – both known and confidential – to prevent misuse.”
“We continuously review participants and suspend or remove them if we find they violated their contract with us, which includes a prohibition on participating in offensive attacks.”
Microsoft declined to disclose the status of its investigation into the hacking or reveal specifics about which companies had been restricted.
Source link
