Outlook email service allegedly hacked by Chinese authoritiesAlleged Chinese hand?
GreatFire reports that Chinese users first noticed the outage when they attempted to access Outlook email using IMAP and SMTP protocols on desktop and mobile email clients on Jan 17. GreatFire notes that the MitM attack only affected the email clients and web interface of outlook.com and live.com were not affected. Noting that Outlook was under MiTM attack, GreatFire states that “This form of attack is especially devious because the warning messages users receive from their email clients are much less noticeable than the warning messages delivered to modern browsers.”
Alleged Chinese hand?
Though it is not known that Chinese authorities were behind the attack but GreatFire says that this hack was the work of Cyberspace Administration of China. The Cyberspace Administration of China which was earlier known as State Council Information Office is the top Internet watchdog in China and is tasked with suppressing “disruptive” (anti-Chinese government) activity on the web and censuring any website that is deemed harmful to the state. GreatFire conducted tests to try and access Outlook using the same IMAP port for the email service in a browser and found that a self-signed security certificate was being used to make the connection.
According to the GreatFire, this is consistent with previous attacks that have taken place on websites in China. GreatFire has recommended that Microsoft and Apple to revoke these certificates, “We have outlined CNNIC’s dubious history in a previous blog post. Given the dangerous nature of this attack on Outlook, we again strongly encourage organizations, including Microsoft and Apple, to immediately revoke trust for the CNNIC certificate authority.”