August 18, 2023

A U.S. cybersecurity advisory panel is launching an investigation into the malicious targeting of cloud computing environments. The review, led by the Cyber Safety Review Board, will examine the recent breach of government officials’ email accounts, which is suspected to have been carried out by Chinese hackers.

The review will focus on ways to enhance identity management and authentication in cloud services. It will also look at the strategies that cloud service providers, the government, and industries should adopt to improve cloud security.

The urgency of this investigation is due to the increasing dependence on cloud computing to provide essential services to the public. Secretary of Homeland Security Alejandro Mayorkas stressed the importance of understanding cloud vulnerabilities, saying that “cloud security is the backbone of some of our most critical systems.”

Senator Ron Wyden’s request last month prompted the investigation’s focus on cloud computing, particularly Microsoft’s role in the breach. Wyden called for accountability in Microsoft’s cybersecurity practices, which he labeled “negligent.”

The Cyber Safety Review Board, which is overseen by the Cybersecurity and Infrastructure Security Agency, plays a key role in post-cyberattack analysis and recommendations for future safeguards. In an interview, CISA Director Jen Easterly recommended that Microsoft revisit the security-first ethos of its early years, prioritizing trustworthiness over additional features.

The sources for this piece include an article in DataCenterKnowledge.