Tech and Cybersecurity: A Closer Look at This Week’s News. 07/04/2024

Microsoft Confirms Russian Hackers Stole Source Code

Microsoft has officially acknowledged that Russian cyberspies infiltrated its executives' email accounts and stole source code. The intrusion, attributed to the Kremlin-backed group known as Midnight Blizzard (also called Cozy Bear and APT), was characterized as "ongoing." Initially, Microsoft stated that the threat actors had no access to customer environments, production systems, source code, or AI systems. However, recent evidence shows that the hackers gained unauthorized access to some of the company's source code repositories and internal systems.

The Midnight Blizzard Attack: A Closer Look

Initial Compromise:

The attack began in late November 2023 when the threat actor employed a password spray attack.

Using this technique, they targeted a legacy non-production test tenant account within Microsoft’s network. By compromising this account, the attackers gained an initial foothold.

Once inside, the threat actors leveraged the compromised account’s permissions. They accessed a tiny percentage of Microsoft’s corporate email accounts. Among the affected accounts were those of senior leadership team members and employees in cybersecurity, legal, and other functions.

During their unauthorized access, the attackers exfiltrated some emails and attached documents. While the extent of the compromised source code remains undisclosed, the breach extended beyond mere email infiltration. Fortunately, there is no evidence indicating a compromise of customer-facing systems hosted by Microsoft.

Lessons Learned and Urgent Measures:

Microsoft’s response process was immediately activated upon detecting the attack on January 12, 2024. The incident underscores the need for a faster and more robust security posture. If the same team were to deploy the legacy tenant today, mandatory Microsoft policy and workflows would ensure Multi-Factor Authentication (MFA) and active protections.

MFA is critical in preventing unauthorized access, significantly when valid accounts are compromised. The ongoing investigation continues to uncover details, and Microsoft is notifying other targeted organizations.

About Midnight Blizzard:

Midnight Blizzard (also known as NOBELIUM) is a Russia-based threat actor.

Attributed by the US and UK governments to the Foreign Intelligence Service of the Russian Federation (SVR), they primarily target:

• Governments
• Diplomatic entities
• Non-governmental organizations (NGOs)
• IT service providers

Their operations often involve compromising valid accounts and using advanced techniques to expand access while evading detection.

Teams Excluded from New Enterprise License

Starting April 1, 2024, Microsoft is introducing commercial Microsoft 365 and Office 365 suites without Teams for regions outside the European Economic Area (EEA) and Switzerland. A new standalone Teams offering will also be available for Enterprise customers in those regions. The sale of net-new subscriptions to existing Microsoft 365 E3/E5 and Office 365 E1/E3/E5 Enterprise SKUs with Teams will cease across all channels. Existing customers can continue using their subscribed suites, but new customers must choose from the updated offers.

Microsoft Teams Licensing Update

Previously, Teams was bundled with Microsoft 365 and Office 365 Enterprise suites, providing seamless integration for organizations.

Licensing Changes:

As of April 1, 2024, Microsoft is introducing a new licensing structure globally.

In regions outside the European Economic Area (EEA) and Switzerland, commercial Microsoft 365 and Office 365 suites will no longer include Teams. Existing customers in these regions can continue using their subscribed suites, including renewals and license additions. However, new customers must choose from the updated offers specific to their area.

New Lineup:

Microsoft now offers separate SKUs for Teams, allowing customers to purchase Teams independently from Microsoft 365 and Office 365.

The new lineup includes:

• Microsoft 365 E3/E5 (no Teams)
• Office 365 E1/E3/E5 (no Teams)
• Microsoft 365 Business Premium, Business Standard, Business Basic (no Teams)
• Microsoft 365 F1/F3, Office 365 F3 (no Teams)
• Additionally, a new standalone Teams Enterprise SKU is available for Enterprise customers.

Impact on Enterprise Suites:

The sale of current Enterprise suites (Office 365 E1/E3/E5 and Microsoft 365 E3/E5) with Teams will end for net-new subscribers outside the EEA and Switzerland. Organisations seeking Teams functionality alongside existing suites must purchase two SKUs: one without Teams and one standalone Teams SKU.

Amazon's 'Just Walk Out' AI Technology Revealed

Amazon's ambitious "Just Walk Out" technology, which aimed to eliminate checkout processes, relied on more than 1,000 human video reviewers in India. The system, initially touted as AI-powered, struggled to function as intended. These reviewers manually reviewed transactions and labelled images from videos to train the machine-learning model. Despite Amazon's efforts, the reliance on human intervention led to delays in providing receipts to customers. Amazon is now transitioning to shopping carts with built-in checkout screens and scanners.

The Initial Vision:

In 2016, Amazon introduced its ambitious “Just Walk Out” concept.“Just Walk Out.” The idea was revolutionary: shoppers could enter a store, pick up items they wanted, and simply leave without going through a traditional checkout process.

The system was supposed to rely solely on AI-powered video surveillance to track customer purchases.

The recent revelation by The Information shattered the illusion. It turns out that the technology never thoroughly worked as intended. Contrary to the AI promise, more than 1,000 human video reviewers in India were actively involved in monitoring and labelling videos of shoppers. These reviewers manually reviewed transactions and images to train the machine learning model behind “Just Walk Out.”

The technology faced several hurdles:

• Training Dependency: As of mid-2022, the system required about 700 human reviews per 1,000 sales, far from the internal target of reducing reviews to 20-50 per 1,000 sales.
• Receipt Delays: The reliance on backup humans meant customers often had to wait hours to receive their receipts.
• Complexity: The store was equipped with over 100 cameras and meticulously mapped item locations, all in an attempt to make AI-powered computer vision checkout feasible.

Amazon is now abandoning the cashier-less AI approach and moving toward a more practical solution: shopping carts with built-in checkout screens and scanners. These carts provide more feedback to shoppers and streamline the checkout process.

Apple Updates App Store Rules for Retro Game Emulators

Apple has modified its App Store rules to allow retro game emulators globally. Developers can now create emulators for retro console games, providing users with nostalgic gaming experiences. While this move opens up possibilities for gaming enthusiasts, it raises questions about intellectual property rights and app moderation.

After years of prohibition, Apple has made a significant policy shift. Retro game emulators are now allowed on the App Store globally. This decision opens new avenues for developers specialising in creating classic console game emulators.

While this move is exciting for gaming enthusiasts, there’s a crucial caveat. Emulator apps must adhere to “all applicable laws”, which effectively rule out pirated or bootleg content. Developers are responsible for ensuring that their emulators comply with copyright regulations.

Apple previously strictly prohibited game emulators. However, the company’s recent fine-tuning of its App Store guidelines aligns with the rules of the European Commission’s Digital Markets Act (DMA)( more info below). This change follows Apple’s earlier update that allowed in-app purchases for mini-games and AI chatbots.

Including retro game emulators could provide Apple with an additional revenue stream. By encouraging developers to bring their emulators to the App Store, Apple aims to enhance the gaming experience for users. The move also reflects a broader trend toward embracing nostalgia and preserving gaming history.

In another significant update, Apple now permits music streaming services (such as Spotify) to display subscription information and include links to drive users to their websites to complete purchases. This change is in line with the EU’s regulatory requirements.

EU Launches Investigations Under Digital Markets Act Against Tech Giant

Under the Digital Markets Act, the European Union has initiated investigations against tech giants Apple, Alphabet (Google), and Meta (Facebook). These investigations address concerns about competition, market dominance, and fair practices. The outcome could have significant implications for the EU tech industry and consumer rights.

The Digital Markets Act (DMA) is a comprehensive regulatory framework enacted by the European Union. Its primary goal is to address concerns related to competition, market dominance, and fair practices within the digital ecosystem.

The EU has initiated investigations into three major tech companies: Apple, Google (Alphabet), and Meta (formerly Facebook). These investigations mark the first cases under the newly enacted DMA.

The probes target specific practices:

Alphabet (Google): Investigating Alphabet’s rules on steering within Google Play and self-preferencing on Google Search. Anti-steering rules prevent tech firms from blocking businesses from informing users about cheaper options or subscriptions outside of app stores.

Apple: Examining Apple’s rules on steering within the App Store and the choice screen for Safari. The investigation also examines whether Apple complies with DMA obligations related to app uninstallation and default settings.

Meta: The EU scrutinises Meta’s controversial “pay or consent model.” This model involves users making choices related to data privacy and consent.

The EU’s competition chief, Margrethe Vestager, expressed concerns about how Apple and Alphabet implemented DMA rules. She highlighted discrepancies between their practices and the letter of the law. Despite the DMA guidelines, Vestager emphasized that both companies still charge fees and limit steering.

Apple believes it complies with the DMA. The company stated that it has created new developer capabilities and features to align with the regulation. Apple remains engaged with the European Commission during the investigations.

The EU is also investigating Alphabet’s display of Google search results. The focus is whether this display leads to self-preferencing favouring Google’s services over rival offerings.

In summary, this week's tech news highlights cybersecurity challenges, licensing changes, revelations about AI technology, and regulatory actions against major players in the industry. Stay informed and vigilant as the tech landscape continues to evolve! 🌐🔍