Microsoft to offer free security feature after alleged China hack – Orange County Register

By Andrew Martin | Bloomberg

Under pressure from US cybersecurity officials, Microsoft on Wednesday said it would provide free cloud security logs for all customers in the next few months.

Security logs are critical for detecting and preventing cybersecurity threats, in addition to allowing hacking victims to quickly take action following a breach, according to US officials. Microsoft currently charges for some forms of logging as a premium feature.

Microsoft said its decision was “in response to increasing frequency and evolution of nation-state cyberthreats.” Customers will receive detailed logs of email access and more than 30 other types of log data previously only available to customers paying for a premium service, the company said.

“These logs themselves do not prevent attacks, but they can be useful in digital forensics and incident response,” Vasu Jakkal, Microsoft’s corporate vice president for security, compliance, identity and management said, in a blog post.

The decision comes after suspected Chinese hackers infiltrated cloud-based email systems at about 25 organizations globally, including several US agencies. Commerce Secretary Gina Raimondo was among the US officials whose emails were breached.

A lack of logging complicated the investigation into the so-called SolarWinds attack, which was disclosed in 2020. In that incident, Russia state-sponsored hackers installed malicious code in software update from SolarWinds Corp., among other methods, to infiltrate nine US federal agencies and about 100 companies.