Microsoft offers free security feature after alleged China cyber hack

Under pressure from U.S. cybersecurity officials, Microsoft on Wednesday said it would provide free cloud security logs for all customers in the next few months.

Security logs are critical for detecting and preventing cybersecurity threats, in addition to allowing hacking victims to quickly take action following a breach, according to U.S. officials. Microsoft currently charges for some forms of logging as a premium feature.

Microsoft said its decision was “in response to increasing frequency and evolution of nation-state cyberthreats.” Customers will receive detailed logs of email access and more than 30 other types of log data previously only available to customers paying for a premium service, the company said.

“These logs themselves do not prevent attacks, but they can be useful in digital forensics and incident response,” Vasu Jakkal, Microsoft’s corporate vice president for security, compliance, identity and management said, in a blog post.

The decision comes after suspected Chinese hackers infiltrated cloud-based email systems at about 25 organizations globally, including several U.S. agencies. Commerce Secretary Gina Raimondo was among the U.S. officials whose emails were breached.

A lack of logging complicated the investigation into the so-called SolarWinds attack, which was disclosed in 2020. In that incident, Russia state-sponsored hackers installed malicious code in software update from SolarWinds, among other methods, to infiltrate nine U.S. federal agencies and about 100 companies.