Update: Microsoft confirmed on Jan 21 that its email service was compromised in China. A spokesperson said, “We are aware of a small number of customers impacted by malicious routing to a server impersonating Outlook.com,” a Microsoft spokesman in a statement Tuesday. “If a customer sees a certificate warning, they should contact their service provider for assistance.”
Microsoft’s Outlook email service was down in China for a day over the weekend owing to a man-in-the-middle attack, reports Chinese Web monitoring site GreatFire.
Users in China noticed an outage when they attempted to access Outlook email using IMAP and SMTP protocols on desktop and mobile email clients on Jan 17. However, Outlook’s web interface was not affected.
GreatFire reports that the man-in-the-middle (MITM) attack was likely used as it only presents a minor error in email clients and is not as obvious as other takedown tactics. This could easily be mistaken for a network issue and users would be none the wiser as to the real cause of the outage.
It is suspected that the outage, which has now ended, is the work of the Cyberspace Administration of China, a body responsible for Internet censorship in the country.
GreatFire ran tests to try and access Outlook using the same IMAP port for the email service in a browser and found that a self-signed security certificate was being used to make the connection. According to the site, this is consistent with previous attacks on sites in China.
If GreatFire’s suspicions are right, this could be a sign that the Chinese government is tightening its grip on foreign Web services to cut off users from the rest of the internet.
➤ Outlook Grim – Chinese Authorities Attack Microsoft [GreatFire via Reuters]