Is Microsoft the right party to talk about the Flax Typhoon?
Microsoft has a long way to go when it comes to security,
3 min. read
Published on
Share this article
Read our disclosure page to find out how can you help Windows Report sustain the editorial team Read more
Key notes
- In 2022, over 80% of Microsoft 365 accounts were hacked.
- Earlier this summer, Tenable harshly criticized Microsoft for not addressing vulnerabilities at the right time.
- Now, the Redmond company is raising awareness about Flax Typhoon, while its products are still vulnerable to attacks.
Flax Typhoon, a Chinese threat actor group, was reportedly identified by Microsoft as targeting dozens of organizations in Taiwan with the likely intention of performing espionage, per Microsoft’s claims.
Flax Typhoon gains and maintains long-term access to Taiwanese organizations’ networks with minimal use of malware, relying on tools built into the operating system, along with some normally benign software to quietly remain in these networks. Microsoft has not observed Flax Typhoon using this access to conduct additional actions.Â
Microsoft
However, many of the espionage techniques performed by Flax Typhoon include access or usage of Microsoft’s software, including Windows Management Instrumentation command-line (WMIC), PowerShell, or the Windows Terminal application.
Microsoft claims that its blog post is about informing people about this threat actor and raising awareness about it, which is the right thing to do, yes. But is Microsoft really the best party to inform people about this?
Especially when not so long ago, the Redmond-based tech giant was harshly criticized by Tenable, a cybersecurity company, for not even addressing important vulnerabilities at the right time.
Microsoft is right to raise awareness about Flax Typhoon, but it should do better
There are countless examples where Microsoft products and their users were the victims of phishing attacks, malware, security breaches, and so on. As we extensively covered these examples, we found out that Microsoft Teams is by far one of the most targeted products.
In 2022, alone, 80% of the Microsoft 365 accounts, including Microsoft Teams, were hacked, and an astonishing 60% were successfully hacked. A later report found out that Microsoft Teams is prone to modern phishing attacks more than any other app.
However, these phishing attacks were all caused by not addressing certain vulnerabilities by Microsoft. The Redmond-based tech giant either addressed them too late, or never bothered with trying to fix them, as they were not considered dangerous.
Earlier this summer, Tenable’s CEO harshly criticized Microsoft for failing to address a vulnerability that could have ended up revealing a lot of customers’ banking information. Only after Tenable went public, did Microsoft react, but it was almost 5 months later.
So, while Microsoft has all the rights to raise awareness about a dangerous Flax Typhoon, the Redmond-based tech giant should really take a step back and do its best to address all the security vulnerabilities that its products have or might have.
The company should employ the best in the field to make sure its products are safe, secure, and most importantly, reliable to use. And then, yes, it can talk and raise awareness about threat actors.
Otherwise, if you don’t follow your own advice, then what’s the point? But what do you think?
