U.S. Senator Ron Wyden urges the FTC to investigate Microsoft’s security practices following a major ransomware attack on healthcare data. The senator highlights Microsoft’s continued use of weak encryption like RC4 in Kerberos, posing national security risks. #AscensionHealth #Kerberoasting
Keypoints
- Senator Ron Wyden requests the FTC to investigate Microsoft’s cybersecurity negligence.
- The 2024 Ascension Health breach involved a Kerberoasting attack exploiting weak RC4 encryption.
- Microsoft has acknowledged the presence of RC4 and plans to gradually remove it to improve security.
- The senator emphasizes that Microsoft’s practices threaten national security and could lead to more attacks.
- Microsoft responded by stating they discourage RC4’s use and are working to disable it without disrupting customers.