Is Microsoft the right party to talk about the Flax Typhoon?

Microsoft has a long way to go when it comes to security,

Reading time icon 3 min. read


Readers help support Windows Report. We may get a commission if you buy through our links. Tooltip Icon

Read our disclosure page to find out how can you help Windows Report sustain the editorial team. Read more

Key notes

  • In 2022, over 80% of Microsoft 365 accounts were hacked.
  • Earlier this summer, Tenable harshly criticized Microsoft for not addressing vulnerabilities at the right time.
  • Now, the Redmond company is raising awareness about Flax Typhoon, while its products are still vulnerable to attacks.
Flax typhoon

Flax Typhoon, a Chinese threat actor group, was reportedly identified by Microsoft as targeting dozens of organizations in Taiwan with the likely intention of performing espionage, per Microsoft’s claims.

Flax Typhoon gains and maintains long-term access to Taiwanese organizations’ networks with minimal use of malware, relying on tools built into the operating system, along with some normally benign software to quietly remain in these networks. Microsoft has not observed Flax Typhoon using this access to conduct additional actions. 

Microsoft

However, many of the espionage techniques performed by Flax Typhoon include access or usage of Microsoft’s software, including Windows Management Instrumentation command-line (WMIC), PowerShell, or the Windows Terminal application.

Microsoft claims that its blog post is about informing people about this threat actor and raising awareness about it, which is the right thing to do, yes. But is Microsoft really the best party to inform people about this?

Especially when not so long ago, the Redmond-based tech giant was harshly criticized by Tenable, a cybersecurity company, for not even addressing important vulnerabilities at the right time.

Microsoft is right to raise awareness about Flax Typhoon, but it should do better

There are countless examples where Microsoft products and their users were the victims of phishing attacks, malware, security breaches, and so on. As we extensively covered these examples, we found out that Microsoft Teams is by far one of the most targeted products.Flax typhoon

In 2022, alone, 80% of the Microsoft 365 accounts, including Microsoft Teams, were hacked, and an astonishing 60% were successfully hacked. A later report found out that Microsoft Teams is prone to modern phishing attacks more than any other app.

However, these phishing attacks were all caused by not addressing certain vulnerabilities by Microsoft. The Redmond-based tech giant either addressed them too late, or never bothered with trying to fix them, as they were not considered dangerous.

Earlier this summer, Tenable’s CEO harshly criticized Microsoft for failing to address a vulnerability that could have ended up revealing a lot of customers’ banking information. Only after Tenable went public, did Microsoft react, but it was almost 5 months later.

So, while Microsoft has all the rights to raise awareness about a dangerous Flax Typhoon, the Redmond-based tech giant should really take a step back and do its best to address all the security vulnerabilities that its products have or might have.

The company should employ the best in the field to make sure its products are safe, secure, and most importantly, reliable to use. And then, yes, it can talk and raise awareness about threat actors.

Otherwise, if you don’t follow your own advice, then what’s the point? But what do you think?

More about the topics: Cybersecurity, microsoft

User forum

0 messages