Microsoft is offering free cybersecurity tools to some government and commercial customers following criticism of the tech giant’s handling of a major alleged Chinese hack that compromised US government email accounts.
Starting in September, Microsoft cloud computing customers won’t have to pay extra money to get access to critical data to help them spot cyberattacks, Microsoft said Wednesday. The Wall Street Journal first reported on Microsoft’s policy change.
The move comes after cybersecurity officials privately expressed frustration that Microsoft had not done enough to detect the alleged Chinese cyber-espionage campaign, according to US officials. The campaign hit two-dozen organizations and became public last week. The State Department says it detected the cyber activity in June and reported it to Microsoft.
The email accounts of Commerce Secretary Gina Raimondo and State Department officials were breached in the activity, CNN has reported.
One of the victims of the hack was a human rights organization that could not detect the activity because they were not paying for a premium software license, according to US cybersecurity firm Volexity, which works with the human rights organization.
Logs, or computer files that gather artifacts about a hack, are critical to understanding and thwarting cyberattacks, according to experts. Until now, Microsoft’s business model has involved charging customers extra for access to these logs. With customers worldwide and more data than most other firms in the security industry, Microsoft’s decision could have a broad impact on the security posture of its customers, analysts said.
The free tools announced on Wednesday “will enable incident response teams, regardless of license level, to conduct more complete investigations,” Sean Koessel, a vice president at Volexity, told CNN.
“We can’t help but feel this change is long overdue,” Koessel told CNN, adding that some of his past investigations into hacks of customers have been frustrated by a lack of data.
The US Cybersecurity and Infrastructure Security Agency — part of the Department of Homeland Security — said its own investigations into hacks over the years had also been hindered by the lack of “critical data” that costs extra for Microsoft customers to access.
CISA Director Jen Easterly applauded Microsoft’s decision and said her agency had been working with Microsoft on the issue for over a year.
“We will continue to work with all technology manufacturers, including Microsoft, to identify ways to further enhance visibility into their products for all customers,” Easterly said.