Microsoft Outlook was the victim of a man-in-the-middle attack yesterday, and it seems a diligent watchdog has already unmasked the culprit: China. Indeed, fingers are being pointed at the Chinese government, which is accused of orchestrating the attack on Microsoft Outlook, and the company might revoke its trust in the CNNIC certificate authority.
GreatFire is a non-profit censorship watchdog that has uncovered that the hack originated within the Chinese government. It advised Microsoft to immediately limit the access of the China Internet Network Information Center (CNNIC) certificate authority, as it may pose a serious threat. In its report, GreatFire detailed that other companies are vulnerable to the same man-in-the-middle attack, including names like Apple. According to the watchdog, those who accessed their emails through a web browser were not affected by China’s sneaky attack; the hackers targeted the IMAP and SMTP email protocols instead.
On the other hand, if you’ve used Microsoft Outlook, Mozilla Thunderbird or mobile apps that use the aforementioned email protocols, you might have seen a warning screen at some point.
That means that you were indeed the victim of a man-in-the-middle attack, and China’s official Cyberspace Administration now has all of your emails, contacts, passwords and all the sensitive information that has been saved in Microsoft Outlook or the aforementioned email clients. Rough, right? And there’s not much you can do about it. One positive outcome of this might be that users will take the warning screens shown on mobile devices and by Microsoft Outlook seriously in the future and won’t just click Continue in a rush, dismissing the warning as some sort of issue with their connection. That’s how man-in-the-middle attacks work and you’ve just been hacked.
Diligent GreatFire implies “serves you right, multinational companies who didn’t listen to me months ago when I first warned you about CNNIC” and it’s mostly right. Officials from Apple, Microsoft and Mozilla didn’t take its warnings seriously, even though the watchdog had proof that CNNIC was not to be trusted and we’ve all seen how China blocked Gmail in the country. At the same time, China’s official Cyberspace Administration isn’t known for its security practices, which consist of malware and internet censorship.
At the very least, authorities should have been alarmed by the widespread protests in China against the China Internet Network Information Center certificate authority, which have been going on for years now. Oh, and did you know that Microsoft Outlook was hacked in October through the same methods? Microsoft didn’t give the incident much attention, saying that only a small number of accounts from China were affected. Looks like they underestimated the gravity of the situation, and now there are probably thousands of users all around the world with credentials in the hands of the Chinese government.