The head of Microsoft, Satya Nadella warns that there is a risk that the world order could collapse as a result of the actions of hackers from nation-states. He proposes a solution – the Geneva Convention on Cyber Security.
Nadella recently spoke with journalist and NBC Nightly News host Lester Holt about several topics, including AI, the 2024 election and Microsoft’s recent admission that Russian group Cozy Bear had access to their corporate network for a month last year. Holt asked Nadell about the “alarm bells” that went off at Microsoft headquarters and Capitol Hill, given the government’s reliance on the company, when the hacking incident was revealed.
“When you have an adversary that is a nation-state or a country that you know has institutional strength, organizations that are well resourced and attack relentlessly — I’m glad we can even detect what they’re doing in cyberspace equal,” said Nadella. According to Nadella, such hacking incidents are not only a matter of private companies trying to solve their problems. When national states are involved in them, it “raises the issue to another level of dialogue.”
The head of Microsoft called on the USA, Russia and China to unite to form something like the Cyber Geneva Convention. Without it, cyberattacks by two nation-states against each other, especially against civilian objects, could lead to an unprecedented disruption of the world order, Nadella warned.
The Geneva Conventions of 1949 are the basis of international humanitarian law, which regulates the conduct of armed conflicts and is aimed at limiting their consequences. They protect people who are not participating in combat and those who are no longer doing so. 196 countries have signed the Geneva Conventions. Back in 2017, Microsoft spoke about the need to create a digital Geneva Convention to protect the population from threats from nation-states. The Redmond-based company wrote that the technology sector and civil society groups could pave the way for a legally binding agreement that would ensure a stable and secure cyberspace.
Cozy Bear (aka Midnight Blizzard) infiltrated Microsoft in November 2023 using a password-spraying attack to compromise an outdated, non-production test account. Microsoft said a “very small” percentage of corporate accounts were compromised, with senior executives, cybersecurity, legal and other employees affected.
Shortly after Microsoft disclosed the attack, HPE said it had also suffered a Cozy Bear attack last year.
Read also:
- Microsoft officially introduces Copilot for iOS and Android
- Microsoft Edge has reached a record high share of the PC browser market