The company is mentioned in that same post as having checked the content for technical accuracy. Shir Tamari, a researcher from cloud security firm Wiz, said very clearly: "..we want to thank the Microsoft team for working closely with us on this blog and helping us ensure it is technically accurate."
Microsoft's obfuscation was made to the CIA-funded site, The Record. The software giant has not put out any official post on this. While some others have pointed out the company's double-speak on the issue, no American tech site has written it up and focused on the fact that Microsoft is saying one thing now, having said precisely the opposite earlier.
The Record quotes a Microsoft spokesperson as saying: "Many of the claims made in this blog are speculative and not evidence-based. We’ve also recently expanded security logging availability, making it free for more customers by default, to help enterprises manage an increasingly complex threat landscape."
I don't know but strongly suspect this is what happened:
1. The tech people at MS worked with Wiz in good faith to help make sure the post was correct.
2. The post is correct.
3. After the post dropped MS's PR people went ballistic because it makes the situation sound worse. https://t.co/oJpC2udIzE
— Brian in Pittsburgh (@arekfurt) July 22, 2023
In its detailed, technical post, Wiz warned companies and organisations affected by the breach that the impact of the intrusion may be much wider than reported, and could affect applications beyond those claimed by Microsoft to be impacted.
And Wiz also listed the possible applications that could be in danger: "...SharePoint, Teams, OneDrive, customers’ applications that support the 'login with Microsoft' functionality, and multi-tenant applications in certain conditions".
When big software or hardware companies suffer a breach with implications as wide as this one's, one would expect them to think of the danger their customers face. But then for Microsoft, it has always been a case of money first, with security being a very poor second.
https://t.co/9wgDQA5LsK pic.twitter.com/dZmHIS0dqT
— Ryan Naraine (@ryanaraine) July 21, 2023
It's not difficult to understand why Microsoft is continuing to spin this attack – the company has always been about marketing first, with technology being a poor second.
In the normal course of things, Microsoft only backtracks on this kind of putrid spin when the US Government gets involved. But these days, given the company's influence, it is doubtful whether any government officials will speak up and point out the correct picture.
Federal elections are around the corner in the US and the Democratic candidate Joe Biden is increasingly seen as anything but a shoo-in. The government knows that tech firms will play a big role in pushing its dogma, hence it is unlikely to antagonise any of them right now.
This isn't the first time that Microsoft has twisted and turned when its role in attacks of this kind has been discussed. Back in February 2021, when the question over the company's role in the SolarWinds attack came up, it first denied that it had been attacked. Later, it was forced to backtrack.
The media, particularly the American outlets, should shoulder much of the blame for Microsoft's attitude towards attacks of this kind. Sharp criticism, straightforward reporting, and pointing the finger are supposed to be part of journalism. But in the US, given there is a milk-and-water approach, this kind of spin is likely to continue.