Two men have been arrested in the United Kingdom, under suspicion of their involvement in an alleged plot to hack Microsoft and steal customer data. Both of the men - a 22-year-old from Sleaford, Lincolnshire; and a 25-year-old from Bracknell, Berkshire - have been charged under the Computer Misuse Act, and were allegedly involved in repeated efforts to gain unauthorized access to Microsoft's systems during the first three months of this year.
Detectives from the UK's South East Regional Organised Crime Unit (Serocu) carried out raids and detained devices believed to have been used as part of the hacking attempts. As part of its investigation, Serocu coordinated with the UK's National Cyber Crime Unit, Europol, and the FBI, as well as with Microsoft itself.
Serocu's Detective Sergeant Rob Bryant said that the multi-agency collaboration with Microsoft had found that the attempted intrusions did not succeed in gaining access to customer information, but added: "It is too early to speculate on what information the group has accessed."
Microsoft's Tom Burt, vice president and deputy general counsel of its Digital Crimes Unit, told BBC News:
Today's action by authorities in the UK represents an important step. Stronger internet security depends on the ability to identify and prosecute cybercriminals.
This requires not only a strong technical capability, but the willingness to acknowledge issues publicly and refer them to law enforcement. No company is immune from cybercrime. No customer data was accessed, and we're confident in the integrity of our software and systems.
We have comprehensive measures in place to prevent, detect, and respond to attacks. We also have specialist teams focused on working with law enforcement to identify people who attack either us or our customers, and we're committed to fast and effective action against attackers.
Microsoft has a comprehensive suite of cyberthreat protection tools at its disposal, and recently announced its planned acquisition of Hexadite, to help boost the capabilities of its automated detection, investigation and remediation solutions. Microsoft's Bharat Shah said in January that the company is already investing over $1 billion a year into cybersecurity research and development, but said "that spending has to go up".
Source: BBC News