back to article Did Microsoft actually put 'get repeatedly pwned by Syrian hackers' on its 2014 todo list?

Another week, and yet another successful compromise of Microsoft's servers by the so-called Syrian Electronic Army. And this time it's Redmond's revamped Office blog that got vandalized. Hacked Microsoft Office blog All your blogs are belong to us "A targeted cyberattack temporarily affected the Microsoft Office blog and …


This topic is closed for new posts.
  1. David Webb


    The SEA are responsible for the murder and torture of 11,000 computer systems, according to the UN.

    ... Too soon?

    1. Anonymous Coward
      Anonymous Coward

      Re: SEA

      Carter-F**k, "embedded journo-lawyers" ? Did they make it as far as the Tube, d'ya think? ;)

  2. dan1980

    "Redmond was forced to admit . . ."

    In a nutshell, this is what's wrong with online security; these companies deny and deny until the evidence is overwhelming.

    The result is that when a company like MS (or Adobe, or Sony, etc . . .) says words to the effect of "no customer data was compromised", what it really means is "no one's been able to prove customer data was compromised".

    In this instance it seems that it was internal only but the take away is still the same: don't be honest unless you have to. (Apparently.)

  3. This post has been deleted by its author

  4. gerdesj Silver badge

    Is security really rocket science?

    Why does this still happen with monotonous regularity to the big boys?

    MS have access to some seriously clever chaps who know how to secure stuff. In this case it's just a blog so how hard can it be? Oh and email accounts - how daft are MS front line staff?

    Surely MS might learn the "something you know and something you have" mantra eventually. They could always pop in "something you are" as well but that would not really be necessary for this.

    Why not buy a few 100,000 RSA tokens? - they're NSA approved.

    Security is still optional in this company despite one of the earliest, widely publicised screwups I can instantly recall being Cisco branded internet facing routers that were left with default passwords - hilarious results. To be fair - my memory might be failing - the actual fault might have been a flaw in IOS that was exploited. I'm still pretty sure it was stupid passwords.

    I also find their "best practice" mantra that they try to ram down your throat demeaning - there is no such thing as "best practice". There is "good practice" and "bad practice" in IT security - but no best.




  5. Mikel

    Not Microsoft's fault

    The modern computing workstation is just too horribly complex to secure. Anybody with Windows, IE and Office is going to be vulnerable to a targeted exploit from time to time. The company and its staff can hardly be held liable for this inherent complexity in integrated enterprise IT solutions.

    Er... Wait a minute...

    1. Sanctimonious Prick

      Re: Not Microsoft's fault

      Yeah, but man, it's their integration. It's all their software.

      Why is it so hard for M$ to find talented staff (HACKERS!) to find these vulns, before the BlackHat dudes? Hmm??

      It just astonishes me that after all these years, and the GaBillions of dollars they earned, M$ still just can't get it right.


      1. Sandtitz Silver badge

        Re: Not Microsoft's fault @Sanctimonious

        You can point fingers at any of the big corps. Despite raking in billions of dollars annually they have loads of vulns all the time. Millions of lines of code tend to include bugs.

        1. Anonymous Coward
          Anonymous Coward

          Re: Not Microsoft's fault @Sanctimonious

          Linux has holes as well and that has millions of "workers" lookign at it.

          Code is complex get over it.

          1. Anonymous Coward
            Anonymous Coward

            Re: Not Microsoft's fault @Sanctimonious

            > Linux has holes as well and that has millions of "workers" lookign at it.

            For free. Microsoft can't find people to fix theirs for pay.

            > Code is complex get over it.

            'Complex' doesn't have to mean 'a mess'. This is code we're talking about here, not psychiatry.

            1. Anonymous Coward
              Anonymous Coward

              Re: Not Microsoft's fault @Sanctimonious

              Chaos theory says otherwise.

  6. Herby

    So we are supposed to this Microsoft Cloud??

    I don't think so!

  7. Dolapevich

    Users, is all about the users

    and how good they have been trained.

    It is not M$, or Adobe, or ... whatever.

    AFAIK, Is their uses and the employee rotation that causes this issues.

  8. Vociferous

    *Russian* hackers.

    They're Russian.

    1. Anonymous Coward
      Anonymous Coward

      Re: *Russian* hackers.

      You think this because they were actually quite good? ;)

This topic is closed for new posts.

Biting the hand that feeds IT © 1998–2021