前沿资讯：在微软违规后，美国国务院加强网络安全

US State Department enhances cybersecurity post Microsoft breach
美国国务院在微软违规后加强网络安全

Following a major cyberattack last year that saw hackers infiltrate the US Department of State’s network, the agency has expanded its cybersecurity efforts beyond its reliance on Microsoft. This reinforcement of the defence strategy comes after the breach compromised around 60,000 State Department emails, including those of high-profile officials like Commerce Secretary Gina Raimondo. Criticism was directed at Microsoft, with the Cyber Safety Review Board questioning the company’s transparency regarding the incident.
去年发生的一次重大网络攻击导致与有关的黑客渗透到美国国务院网络后，该机构已将其网络安全工作扩大到不再依赖微软。此次加强防御战略是在大约60,000封国务院电子邮件遭到泄露之后，其中包括商务部长吉娜·雷蒙多 (Gina Raimondo) 等高调官员的电子邮件。批评针对的是微软，网络安全审查委员会质疑该公司在该事件上的透明度。

Kelly Fletcher, the department’s chief information officer, highlighted concerns about the security of corporate networks, emphasising the importance of all vendors ensuring secure systems. The hacking group, identified by Microsoft as Storm-558, obtained access to a digital key, allowing them to breach government inboxes.
该部门的首席信息官凯利·弗莱彻（Kelly Fletcher）强调了对企业网络安全的担忧，并强调所有供应商确保系统安全的重要性。这个被微软称为 Storm-558 的黑客组织获得了数字密钥的访问权限，从而能够侵入政府收件箱。

In response to the breach, the US State Department has diversified its vendor portfolio, incorporating companies like Palo Alto, Zscaler, and Cisco alongside Microsoft. While Microsoft managed to revoke the hackers’ access, Fletcher expressed concerns over the potential broader impact of the breach. The department has since bolstered its security measures, including multifactor authentication and data encryption, significantly increasing cybersecurity fundamentals across its systems.
为了应对此次泄露事件，美国国务院对其供应商组合进行了多元化，除了微软之外，还纳入了 Palo Alto、Zscaler 和 Cisco 等公司。虽然微软设法撤销了黑客的访问权限，但弗莱彻对此次泄露可能造成的更广泛影响表示担忧。此后，该部门加强了安全措施，包括多因素身份验证和数据加密，显着增强了整个系统的网络安全基础。

Despite criticism, Microsoft remains a key player in the State Department’s cybersecurity framework. The agency thoroughly analysed its communications with Microsoft following a separate breach linked to Russian hackers, concluding that sensitive information was not compromised. With ongoing efforts to fortify its cybersecurity posture, the State Department aims to mitigate future threats and maintain the integrity of its digital infrastructure.
尽管受到批评，微软仍然是国务院网络安全框架的关键参与者。在与俄罗斯黑客有关的单独违规事件发生后，该机构彻底分析了其与微软的通信，得出的结论是敏感信息并未受到损害。通过不断努力加强其网络安全态势，国务院的目标是减轻未来的威胁并保持其数字基础设施的完整性。"