Cyber review board blames cascading Microsoft failures for Chinese hack | CyberScoop<\/title> <meta name=\"description\" content=\"The Cyber Safety Review Board concluded in a report that Microsoft\u2019s corporate culture has inappropriately deprioritized security.\"> <link rel=\"canonical\" href=\"https:\/\/cyberscoop.com\/microosft-csrb-china-hacking\/\"> <meta property=\"og:locale\" content=\"en_US\"> <meta property=\"og:type\" content=\"article\"> <meta property=\"og:title\" content=\"Cyber review board blames cascading Microsoft failures for Chinese hack\"> <meta property=\"og:description\" content=\"The Cyber Safety Review Board concluded in a report that Microsoft\u2019s corporate culture has inappropriately deprioritized security.\"> <meta property=\"og:url\" content=\"https:\/\/cyberscoop.com\/microosft-csrb-china-hacking\/\"> <meta property=\"og:site_name\" content=\"CyberScoop\"> <meta property=\"article:published_time\" content=\"2024-04-03T01:03:06+00:00\"> <meta property=\"og:image\" content=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/cyber-review-board-blames-cascading-microsoft-failures-for-chinese-hack-2.jpg\"> <meta property=\"og:image:width\" content=\"1920\"> <meta property=\"og:image:height\" content=\"1280\"> <meta property=\"og:image:type\" content=\"image\/jpeg\"> <meta name=\"author\" content=\"eliasgroll\"> <meta name=\"twitter:card\" content=\"summary_large_image\">  <link rel=\"dns-prefetch\" href=\"\/\/securepubads.g.doubleclick.net\">\n<link rel=\"dns-prefetch\" href=\"\/\/use.typekit.net\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Feed\" href=\"https:\/\/cyberscoop.com\/feed\/\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Comments Feed\" href=\"https:\/\/cyberscoop.com\/comments\/feed\/\"> <link rel=\"stylesheet\" id=\"all-css-2\" href=\"https:\/\/cyberscoop.com\/wp-includes\/css\/dist\/block-library\/style.min.css?m=1712084567g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-6\" href=\"https:\/\/cyberscoop.com\/wp-content\/mu-plugins\/search\/elasticpress-next\/dist\/css\/related-posts-block-styles.min.css?m=1710965597g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-8\" href=\"https:\/\/cyberscoop.com\/wp-content\/themes\/scoopnewsgroup\/dist\/css\/frontend.css?m=1711866546g\" type=\"text\/css\" media=\"all\">\n<link rel=\"stylesheet\" id=\"typekit-css\" href=\"https:\/\/use.typekit.net\/itk2qbh.css?ver=74528d75ce0daeb8628a\" media=\"all\"> <link rel=\"https:\/\/api.w.org\/\" href=\"https:\/\/cyberscoop.com\/wp-json\/\"><link rel=\"alternate\" type=\"application\/json\" href=\"https:\/\/cyberscoop.com\/wp-json\/wp\/v2\/posts\/79974\"><link rel=\"EditURI\" type=\"application\/rsd+xml\" title=\"RSD\" href=\"https:\/\/cyberscoop.com\/xmlrpc.php?rsd\">\n<meta name=\"generator\" content=\"WordPress 6.5\">\n<link rel=\"shortlink\" href=\"https:\/\/cyberscoop.com\/?p=79974\">\n<link rel=\"alternate\" type=\"application\/json+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Fmicroosft-csrb-china-hacking%2F\">\n<link rel=\"alternate\" type=\"text\/xml+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Fmicroosft-csrb-china-hacking%2F&format=xml\">   <link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=32\" sizes=\"32x32\">\n<link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=192\" sizes=\"192x192\">\n<link rel=\"apple-touch-icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=180\">\n<meta name=\"msapplication-TileImage\" content=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=270\"> <\/head><body class=\"post-template-default single single-post postid-79974 single-format-standard\" id=\"readabilityBody\"> <a href=\"https:\/\/cyberscoop.com\/microosft-csrb-china-hacking\/#main\" class=\"skip-to-content-link visually-hidden-focusable\">Skip to main content<\/a> <\/p>\n<div class=\"ad ad--top ad--top-desktop\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p> <main id=\"main\" role=\"main\" tabindex=\"-1\"> <\/p>\n<div class=\"ad ad--top ad--top-mobile\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<section id=\"stickybar\" class=\"stickybar stickybar--newsletter js-stickybar\" readability=\"0.82\"> <button class=\"stickybar__close js-stickybar-close\" aria-controls=\"stickybar\"> <svg class=\"icon icon--close\" width=\"21\" height=\"22\" viewBox=\"0 0 21 22\" fill=\"none\"><path d=\"m.822.518-.805.805L9.695 11 .017 20.678l.805.805 9.678-9.678 9.677 9.678.806-.805L11.305 11l9.678-9.677-.806-.805-9.677 9.677L.822.518Z\" fill=\"currentColor\" \/><\/svg> <span class=\"visually-hidden\">Close<\/span> <\/button> <\/section>\n<article class=\"single-article content\">\n<div class=\"single-article__container js-single-article-content\">\n<header class=\"single-article__header \" readability=\"24.860824742268\">\n<div class=\"single-article__header-content\" readability=\"29.793522267206\">\n<ul class=\"single-article__eyebrow\">\n<li class=\"single-article__category\"> <a class=\"single-article__category-link\" href=\"https:\/\/cyberscoop.com\/news\/cybersecurity\/\"> <span>Cybersecurity<\/span> <\/a> <\/li>\n<\/ul>\n<p> The Cyber Safety Review Board concluded in a report that Microsoft\u2019s corporate culture has inappropriately deprioritized security. <\/p>\n<\/p><\/div>\n<div class=\"single-article__cover-wrap\">\n<figure class=\"single-article__cover\"> <img data-recalc-dims=\"1\" fetchpriority=\"high\" width=\"640\" height=\"426\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/cyber-review-board-blames-cascading-microsoft-failures-for-chinese-hack.jpg?resize=640%2C426&ssl=1\" class=\"single-article__cover-image wp-post-image\" alt decoding=\"async\" fetchpriority=\"high\" srcset=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/cyber-review-board-blames-cascading-microsoft-failures-for-chinese-hack-2.jpg 1920w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/cyber-review-board-blames-cascading-microsoft-failures-for-chinese-hack-2.jpg?resize=300,200 300w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/cyber-review-board-blames-cascading-microsoft-failures-for-chinese-hack-2.jpg?resize=768,512 768w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/cyber-review-board-blames-cascading-microsoft-failures-for-chinese-hack-2.jpg?resize=1024,683 1024w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/cyber-review-board-blames-cascading-microsoft-failures-for-chinese-hack-2.jpg?resize=1536,1024 1536w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/cyber-review-board-blames-cascading-microsoft-failures-for-chinese-hack-2.jpg?resize=600,400 600w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/cyber-review-board-blames-cascading-microsoft-failures-for-chinese-hack-2.jpg?resize=252,168 252w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/cyber-review-board-blames-cascading-microsoft-failures-for-chinese-hack-2.jpg?resize=506,337 506w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/cyber-review-board-blames-cascading-microsoft-failures-for-chinese-hack-2.jpg?resize=1013,675 1013w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/cyber-review-board-blames-cascading-microsoft-failures-for-chinese-hack-2.jpg?resize=1265,843 1265w\" sizes=\"(max-width: 1013px) 100vw, 1013px\"><figcaption> NEW YORK, NY – Exterior view of the Microsoft Times Square building on January 29, 2023 in New York City. (Photo by Kena Betancur\/VIEWpress) <\/figcaption><\/figure>\n<\/p><\/div>\n<\/header>\n<div class=\"single-article__content\">\n<div class=\"single-article__content-inner has-drop-cap\"> <html readability=\"52.518020221787\"><body readability=\"106.94487340636\"><\/p>\n<p>A federal review board concluded in a scathing report Tuesday that the theft of a Microsoft signing key used to spy on senior U.S. officials was a preventable failure caused by the company\u2019s failure to appropriately prioritize security. <\/p>\n<p>Tuesday\u2019s <a href=\"https:\/\/www.cisa.gov\/sites\/default\/files\/2024-04\/CSRB_Review_of_the_Summer_2023_MEO_Intrusion_Final_508c.pdf\">report<\/a>, the work of the independent Cyber Safety Review Board established by President Joe Biden, examines a breach that first came to light in July 2023, when hackers linked to China known as Storm-0558 were able to snoop on emails belonging to Commerce Secretary Gina Raimondo and U.S. Ambassador to China Nicholas Burns ahead of high-stakes meetings in Beijing. <\/p>\n<p>The CSRB lays the blame for the incident squarely on Microsoft: \u201cThe Board concludes that this intrusion should never have happened. Storm-0558 was able to succeed because of a cascade of security failures at Microsoft.\u201d<\/p>\n<p>The report represents the conclusion of a seven-month review and comes against the backdrop of <a href=\"https:\/\/cyberscoop.com\/microsoft-critics-accuse-the-firm-of-negligence-in-latest-breach\/\">growing concern in Washington<\/a> that a series of severe breaches at Microsoft has made the company a national-security liability at a time when the federal government is increasingly relying on that company for a raft of cloud computing services. In January, Microsoft <a href=\"https:\/\/cyberscoop.com\/microsoft-cozy-bear-russia\/\">disclosed<\/a> the latest such incident, in which Russian hackers were able to access emails belonging to senior company officials and company source code. <\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>Tuesday\u2019s report, the most detailed accounting to date of the Storm-0558 incident, will only provide additional ammunition to the company\u2019s critics, as it accuses Microsoft of fostering a corporate culture that has deprioritized security: \u201cThe Board identified a series of Microsoft operational and strategic decisions that collectively point to a corporate culture that deprioritized both enterprise security investments and rigorous risk management.\u201d<\/p>\n<p>Perhaps the most damning finding in the report is that the breach would likely have been prevented if Microsoft had put in place security measures \u2014 such as automatic key rotation and limiting the scope of what keys can validate \u2014 adopted by other cloud service providers. <\/p>\n<p>The report also accuses Microsoft of misleading the public in its accounting of how the breach occurred.<\/p>\n<p>Two months after the breach was first revealed, Microsoft <a href=\"https:\/\/cyberscoop.com\/microsoft-china-signing-key\/\">said its investigation had identified<\/a> the most likely way in which Chinese hackers stole a signing key \u2014 what the CSRB calls \u201cthe cryptographic equivalent of crown jewels for any cloud service provider\u201d \u2014 after it was inadvertently included in a so-called \u201ccrash dump,\u201d the information that is generated when a computer system fails. <\/p>\n<p>According to the CSRB, shortly after publishing that blog, Microsoft concluded that it did not actually have any evidence that a crash dump had contained the key, leading the company \u201cto assess that the crash dump theory was no longer any more probable than other theories as the mechanism by which the actor had acquired the key.\u201d <\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>Microsoft left its blog post containing its assertion regarding the crash dump uncorrected for more than six months and only corrected it after repeated prodding by the CSRB, according to the report. <\/p>\n<p>\u201cThe loss of a signing key is a serious problem, but the loss of a signing key through unknown means is far more significant because it means that the victim company does not know how its systems were infiltrated and whether the relevant vulnerabilities have been closed off,\u201d the report notes. \u201cLeft with the mistaken impression that Microsoft has conclusively identified the root cause of this incident, Microsoft\u2019s customers did not have essential facts needed to make their own risk assessments about the security of Microsoft cloud environments in the wake of this intrusion.\u201d<\/p>\n<p>A Microsoft spokesperson said in a statement that the company appreciated the board\u2019s work \u201cto investigate the impact of well-resourced nation state threat actors who operate continuously and without meaningful deterrence.\u201d<\/p>\n<p>The spokesperson noted that the company has announced what it calls the <a href=\"https:\/\/blogs.microsoft.com\/on-the-issues\/2023\/11\/02\/secure-future-initiative-sfi-cybersecurity-cyberattacks\/\">Secure Future Initiative<\/a> to better prioritize security in its products, and that the company has \u201cmobilized our engineering teams to identify and mitigate legacy infrastructure, improve processes, and enforce security benchmarks.\u201d <\/p>\n<p>The CSRB report acknowledges that initiative but argues that Microsoft has dangerously deprioritized its security commitments. Because Microsoft\u2019s \u201cubiquitous and critical\u201d products \u201cunderpin essential services that support national security, the foundations of our economy, and public health and safety,\u201d Microsoft must \u201cdemonstrate the highest standards of security, accountability, and transparency,\u201d the report contends. <\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>In describing how Microsoft has changed, the CSRB cites a 2002 email from company founder Bill Gates in which he implores the company \u201cwhen we face a choice between adding features and resolving security issues, we need to choose security.\u201d<\/p>\n<p>\u201cOur products should emphasize security right out of the box, and we must constantly refine and improve that security as threats evolve,\u201d Gates wrote, adding that prioritizing security \u201cshould apply at every stage of the development cycle of every kind of software we create, from operating systems and desktop applications to global Web services.\u201d<\/p>\n<p>According to the CSRB, the company has abandoned that thinking: \u201cThe Board concludes that Microsoft has drifted away from this ethos and needs to restore it immediately as a top corporate priority.\u201d<\/p>\n<p><\/body> <\/p>\n<footer class=\"single-article__footer\" readability=\"3.5551601423488\">\n<div class=\"author-card\" readability=\"14\">\n<div class=\"author-card__avatar\">\n<figure class=\"author-card__image-wrap\"> <img data-recalc-dims=\"1\" decoding=\"async\" class=\"author-card__image\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/cyber-review-board-blames-cascading-microsoft-failures-for-chinese-hack-1.jpg?w=640&ssl=1\" alt=\"Elias Groll\"> <\/figure>\n<\/p><\/div>\n<p><h4 class=\"author-card__name\">Written by Elias Groll<\/h4>\n<p> Elias Groll is a senior editor at CyberScoop. He has previously worked as a reporter and editor at Foreign Policy, covering technology and national security, and at the Brookings Institution, where he was the managing editor of TechStream and worked as part of the AI and Emerging Technology Initiative. He is a graduate of Harvard University, where he was the managing editor of The Harvard Crimson. <\/p>\n<\/p><\/div>\n<div class=\"single-article__tags-container\">\n<h4 class=\"single-article__tags-title\">In This Story<\/h4>\n<\/p><\/div>\n<\/footer>\n<p> <\/html><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"single-article__ads js-single-article-sidebar\">\n<div class=\"ad ad--sidebar js-single-article-sidebar-5 ad--rightrail_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-4 ad--rightrail_2 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-3 ad--rightrail_3 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div><\/div>\n<\/article>\n<div class=\"popular-stories popular-stories--single-post\">\n<div class=\"popular-stories__container\">\n<h2 class=\"popular-stories__title\"> More Scoops <\/h2>\n<p>  <\/div>\n<p>\n<\/div>\n<p> <\/p>\n<section class=\"latest-podcasts\">\n<h2 class=\"latest-podcasts__title\"> Latest Podcasts\t<\/h2>\n<\/section>\n<div class=\"top-categories\">\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Government<\/h3>\n<\/p><\/div>\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Technology<\/h3>\n<\/p><\/div>\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Geopolitics<\/h3>\n<\/p><\/div>\n<\/p><\/div>\n<p> <\/main> <\/p>\n<div class=\"ad ad--bottom \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div id=\"interstitial\" class=\"welcome__container\"> <button id=\"close-modal-1\" class=\"welcome__clickable_area\"><\/button> <\/p>\n<div class=\"welcome__ad_wrapper\">\n<p> <button id=\"close-modal-3\" class=\"welcome__continue-button\">Continue to CyberScoop<\/button> <\/p>\n<\/p><\/div>\n<\/p><\/div>\n<p>   <\/body> <a href=\"https:\/\/cyberscoop.com\/microosft-csrb-china-hacking\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Cyber review board blames cascading Microsoft failures for Chinese hack<\/p>\n","protected":false},"author":11,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[271,623,757,78,293,302,117,281,625,318],"tags":[277,628,759,86,299,306,119,285,630,319],"class_list":["post-2838","post","type-post","status-publish","format-standard","hentry","category-china","category-commerce-department","category-cyber-safety-review-board","category-cybersecurity","category-department-of-homeland-security-dhs","category-geopolitics","category-government","category-hacking","category-microsoft","category-state-department","tag-china","tag-commerce-department","tag-cyber-safety-review-board","tag-cybersecurity","tag-department-of-homeland-security-dhs","tag-geopolitics","tag-government","tag-hacking","tag-microsoft","tag-state-department"],"featured_image_urls":{"full":"","thumbnail":"","medium":"","medium_large":"","large":"","1536x1536":"","2048x2048":"","chromenews-featured":"","chromenews-large":"","chromenews-medium":""},"author_info":{"display_name":"Cyber Scoop","author_link":"https:\/\/ddi.mohflo.net\/index.php\/author\/cyberscoop\/"},"category_info":"<a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/china\/\" rel=\"category tag\">China<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/commerce-department\/\" rel=\"category tag\">Commerce Department<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/cyber-safety-review-board\/\" rel=\"category tag\">Cyber Safety Review Board<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/cybersecurity\/\" rel=\"category tag\">Cybersecurity<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/department-of-homeland-security-dhs\/\" rel=\"category tag\">Department of Homeland Security (DHS)<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/geopolitics\/\" rel=\"category tag\">Geopolitics<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/government\/\" rel=\"category tag\">Government<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/hacking\/\" rel=\"category tag\">hacking<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/microsoft\/\" rel=\"category tag\">Microsoft<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/state-department\/\" rel=\"category tag\">State Department<\/a>","tag_info":"State Department","comment_count":"0","jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/2838","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/users\/11"}],"replies":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/comments?post=2838"}],"version-history":[{"count":0,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/2838\/revisions"}],"wp:attachment":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/media?parent=2838"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/categories?post=2838"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/tags?post=2838"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}

{"id":2838,"date":"2024-04-02T20:03:06","date_gmt":"2024-04-03T01:03:06","guid":{"rendered":"https:\/\/cyberscoop.com\/?p=79974"},"modified":"2024-04-02T20:03:06","modified_gmt":"2024-04-03T01:03:06","slug":"cyber-review-board-blames-cascading-microsoft-failures-for-chinese-hack","status":"publish","type":"post","link":"https:\/\/ddi.mohflo.net\/index.php\/2024\/04\/02\/cyber-review-board-blames-cascading-microsoft-failures-for-chinese-hack\/","title":{"rendered":"Cyber review board blames cascading Microsoft failures for Chinese hack"},"content":{"rendered":"