Tag: microsoft

Microsoft reduces Israel’s access to cloud and AI products over reports of mass surveillance in Gaza

Microsoft said Thursday it had disabled services to a unit within the Israeli military after a company review had determined its artificial intelligence and cloud computing products were being used to help carry out mass surveillance of Palestinians.

The action comes after The Associated Press and The Guardian published reports earlier this year revealing how the Israeli Ministry of Defense had been using Microsoft’s Azure platform to aid in the war in Gaza and occupation of the West Bank. Brad Smith, Microsoft’s vice chair and president, wrote in a blog post that the company was taking steps to enforce compliance with its terms of service.

An AP investigation in February showed that the Israeli military’s use of Microsoft products skyrocketed after a deadly surprise attack by Hamas militants on Oct. 7, 2023. The AP’s report cited internal Microsoft data showing the Israelis were using gigabytes of cloud storage and massive amounts of AI-enabled language translation services.

The AP also reported that Israel’s military used Microsoft Azure to compile information gathered through mass surveillance, which it transcribes and translates, including phone calls and text messages. That intelligence is then cross-checked with Israel’s in-house AI systems for targeting airstrikes.

AP reported that internal Microsoft data showed multiple Azure subscriptions were tied to Unit 8200, an elite cyber warfare unit within the Israeli Army responsible for clandestine operations, collecting signal intelligence and surveillance.

Following AP’s report, Microsoft acknowledged in May that it had sold advanced AI and cloud computing services to the Israeli military during the Gaza war and aided in efforts to locate and rescue Israeli hostages. But the company said an internal review found “no evidence” its Azure platform was used to target or harm people.

The Guardian, working in partnership with the Israeli-Palestinian publication +972 Magazine and the Hebrew-language outlet Local Call, reported in August that the commander of Unit 8200 had met directly with Microsoft chairman and CEO Satya Nadella in 2021. The Israeli unit then used Microsoft products to aid in the development of an AI-powered mass surveillance system that was sweeping up, translating and analyzing millions of telephone calls per day made by Palestinian civilians. The report also revealed that data from the Israeli surveillance system was being stored at Microsoft cloud data centers in Europe.

Keep reading

Microsoft Word To Save New Files to the Cloud by Default

Microsoft is preparing to change how documents are saved in Word for Windows, shifting new file storage to the cloud by default.

Instead of asking users to activate AutoSave or select a cloud location manually, Word will now store all newly created documents directly in OneDrive or another designated cloud service automatically.

Raul Munoz, a product manager on Microsoft’s Office shared services and experiences team, described the change by saying, “We are modernizing the way files are created and stored in Word for Windows. Now you don’t have to worry about saving your documents: Anything new you create will be saved automatically to OneDrive or your preferred cloud destination.”

Currently being rolled out to Microsoft 365 Insiders, this new setup is presented as a way to prevent lost work and provide immediate access to files across mobile platforms and browsers.

However, for anyone working outside Microsoft’s cloud ecosystem, this change introduces additional steps to avoid online storage.

The update also comes with adjustments to how documents are named. Rather than appending sequential numbers to new files, Word will now assign file names based on the date of creation.

Users will have the option to set a preferred default save location or opt out of automatic cloud saves entirely, though doing so requires manual reconfiguration.

Microsoft has been steadily nudging its user base toward cloud reliance. AutoSave already defaults to cloud storage, and persistent prompts in Windows have encouraged, or pressured, users to turn on OneDrive backups.

These reminders have drawn complaints, especially from those who feel Microsoft is eroding straightforward local file access.

Keep reading

Microsoft Failed To Disclose Key Details About Use Of China-Based Engineers In U.S. Defense Work, Record Shows

Microsoft, as a provider of cloud services to the U.S. government, is required to regularly submit security plans to officials describing how the company will protect federal computer systems.

Yet in a 2025 submission to the Defense Department, the tech giant left out key details, including its use of employees based in China, the top cyber adversary of the U.S., to work on highly sensitive department systems, according to a copy obtained by ProPublica. In fact, the Microsoft plan viewed by ProPublica makes no reference to the company’s China-based operations or foreign engineers at all.

The document belies Microsoft’s repeated assertions that it disclosed the arrangement to the federal government, showing exactly what was left out as it sold its security plan to the Defense Department. The Pentagon has been investigating the use of foreign personnel by IT contractors in the wake of reporting by ProPublica last month that exposed Microsoft’s practice.

Our work detailed how Microsoft relies on “digital escorts” — U.S. personnel with security clearances — to supervise the foreign engineers who maintain the Defense Department’s cloud systems. The department requires that people handling sensitive data be U.S. citizens or permanent residents.

Microsoft’s security plan, dated Feb. 28 and submitted to the department’s IT agency, distinguishes between personnel who have undergone and passed background screenings to access its Azure Government cloud platform and those who have not. But it omits the fact that workers who have not been screened include non-U.S. citizens based in foreign countries. “Whenever non-screened personnel request access to Azure Government, an operator who has been screened and has access to Azure Government provides escorted access,” the company said in its plan.

The document also fails to disclose that the screened digital escorts can be contractors hired by a staffing company, not Microsoft employees. ProPublica found that escorts, in many cases former military personnel selected because they possess active security clearances, often lack the expertise needed to supervise engineers with far more advanced technical skills. Microsoft has told ProPublica that escorts “are provided specific training on protecting sensitive data” and preventing harm.

Microsoft’s reference to the escort model comes two-thirds of the way into the 125-page document, known as a “System Security Plan,” in several paragraphs under the heading “Escorted Access.” Government officials are supposed to evaluate these plans to determine whether the security measures disclosed in them are acceptable.

In interviews with ProPublica, Microsoft has maintained that it disclosed the digital escorting arrangement in the plan, and that the government approved it. But Defense Secretary Pete Hegseth and other government officials have expressed shock and outrage over the model, raising questions about what, exactly, the company disclosed as it sought to win and keep government cloud computing contracts.

Keep reading

Microsoft AI chief says it’s ‘dangerous’ to study AI consciousness

AI models can respond to text, audio, and video in ways that sometimes fool people into thinking a human is behind the keyboard, but that doesn’t exactly make them conscious. It’s not like ChatGPT experiences sadness doing my tax return … right?

Well, a growing number of AI researchers at labs like Anthropic are asking when — if ever — AI models might develop subjective experiences similar to living beings, and if they do, what rights they should have.

The debate over whether AI models could one day be conscious — and merit legal safeguards — is dividing tech leaders. In Silicon Valley, this nascent field has become known as “AI welfare,” and if you think it’s a little out there, you’re not alone.

Microsoft’s CEO of AI, Mustafa Suleyman, published a blog post on Tuesday arguing that the study of AI welfare is “both premature, and frankly dangerous.”

Suleyman says that by adding credence to the idea that AI models could one day be conscious, these researchers are exacerbating human problems that we’re just starting to see around AI-induced psychotic breaks and unhealthy attachments to AI chatbots.

Furthermore, Microsoft’s AI chief argues that the AI welfare conversation creates a new axis of division within society over AI rights in a “world already roiling with polarized arguments over identity and rights.”

Suleyman’s views may sound reasonable, but he’s at odds with many in the industry. On the other end of the spectrum is Anthropic, which has been hiring researchers to study AI welfare and recently launched a dedicated research program around the concept. Last week, Anthropic’s AI welfare program gave some of the company’s models a new feature: Claude can now end conversations with humans who are being “persistently harmful or abusive.

Keep reading

AI Startup Backed by Microsoft Revealed to Be 700 Indian Employees Pretending to Be Chatbots

A once-hyped AI startup backed by Microsoft has filed for bankruptcy after it was revealed that its so-called artificial intelligence was actually hundreds of human workers in India pretending to be chatbots.

Builder.ai, a London-based company previously valued at $1.5 billion, marketed its platform as an AI-powered solution that made building apps as simple as ordering pizza. Its virtual assistant, “Natasha,” was supposed to generate software using artificial intelligence.

In reality, nearly 700 engineers in India were manually coding customer requests behind the scenes, the Times of India reported.

The ruse began to collapse in May when lender Viola Credit seized $37 million from the company’s accounts, uncovering that Builder.ai had inflated its 2024 revenue projections by 300%. An audit revealed the company generated just $50 million in revenue, far below the $220 million it claimed to investors.

A Wall Street Journal report from 2019 had already questioned Builder.ai’s AI claims, and a former executive sued the company that same year for allegedly misleading investors and overstating its technical capabilities.

Despite that, the company raised over $445 million from big names including Microsoft and the Qatar Investment Authority. Builder.ai’s collapse has triggered a federal investigation in the U.S., with prosecutors in New York requesting financial documents and customer records.

Founder Sachin Dev Duggal stepped down earlier this year and was replaced by Manpreet Ratia, who reportedly uncovered the company’s internal misrepresentations.

The company now owes millions to Amazon and Microsoft in cloud computing costs and has laid off around 1,000 employees. On LinkedIn, the company announced its entry into insolvency proceedings, citing “historic challenges and past decisions” that strained its finances.

The fallout is seen as one of the biggest failures of the post-ChatGPT AI investment boom and has renewed scrutiny of “AI washing”—the trend of rebranding manual services as artificial intelligence to secure funding.

Keep reading

Leaked documents reveal Microsoft provided Israel’s Unit 8200 with tools to spy on Palestinians

  • Microsoft provided its Azure cloud platform to Israel’s Unit 8200, enabling mass surveillance of Palestinian communications.
  • Unit 8200 used Azure data to identify bombing targets in Gaza, leading to civilian casualties.
  • Microsoft claims ignorance but refuses to terminate its contract with Israeli military intelligence.
  • Investigations reveal Microsoft profits from war crimes while publicly promoting ethical AI principles.
  • Critics warn unchecked surveillance turns corporations into silent partners in oppression and human rights violations.

Microsoft isn’t exactly known for being ethical, but a shocking new exposé has exposed just how deep their complicity in war crimes runs. The Big Tech firm has been secretly providing Israel’s elite military intelligence Unit 8200 with its Azure cloud platform since 2021, enabling the storage and analysis of massive troves of Palestinian communications data.

According to a damning investigation by +972 MagazineLocal Call, and The Guardian, Microsoft’s technology has been weaponized to surveil millions of daily phone calls from Palestinians in Gaza and the West Bank, with Unit 8200 sources confirming the data was used to identify bombing targets in densely populated civilian areas. While Microsoft feigns ignorance, claiming its CEO was unaware of the data’s lethal purpose, the tech giant’s actions reveal a disturbing pattern of prioritizing profits over human lives… even as Palestinian civilians pay the ultimate price.

Keep reading

Did Microsoft Hand China Front Row Access to the Pentagon?

Let’s set the stage: Imagine Fort Knox, doors flung wide open, while a tour group from the Chinese Communist Party strolls through the vault with full access badges. Ridiculous? Sure. But swap out gold for data, and you’re not far off from what just happened with Microsoft, China-based engineers, and — wait for it — the U.S. military.

According to reports, we now know that Microsoft, the federal government’s longtime tech golden child, may have handed China a backstage pass to America’s most sensitive defense systems. Not through hacking or espionage — but through corporate hubris, off-the-books programming, and a terrifying lack of oversight.

A dangerous Microsoft initiative allowed China-based engineers working for Microsoft access to elements of the software powering our military’s digital infrastructure. And just to really spice things up, this may not have been properly disclosed to the Department of Defense.

In response, Senator Tom Cotton (R-AR) fired off a letter demanding answers. He wants to know what kind of access those engineers had, what vetting (if any) was done, and how a critical contractor failed to flag a program that sounds like it was cooked up in a spy novel.

This isn’t about paranoia — it’s about pattern recognition. China has been engaged in digital warfare against the West for years. From the OPM breach to targeting our infrastructure and tech companies with AI-driven cyberattacks, they’ve made it clear: they want our secrets, our systems, and ultimately, control of the digital battlefield.

And what have we done in response? We’ve outsourced vital software development to a tech company that couldn’t be bothered to mention Chinese nationals working on Defense Department tools.

Let that sink in.

Even worse, this comes amid a staggering spike in Microsoft vulnerabilities. The company’s systems have been peppered with Common Vulnerabilities and Exposures (CVEs) — some of them so severe they allow unauthorized access with a single email. One CVE error allowed attackers to exploit Outlook without user interaction. Just receiving the message triggered it. No click, no download — just a digital grenade in your inbox.

If you think a foreign adversary wouldn’t weaponize those kinds of flaws, bless your heart. But the rest of us should be alarmed that these exploits — paired with offshored engineering — could mean that China didn’t need to break into the Pentagon’s systems. They may have simply been invited in.

This crisis underscores a larger failure: our total underestimation of endpoint security. In a world where cyberattacks can be launched from an internet café or a basement across the globe, the last line of defense isn’t just software firewalls — it’s every connected device in the network. And right now, that defense is leaking like a sieve.

Keep reading

Microsoft knew of SharePoint server exploit but failed to effectively patch it

A security patch released by Microsoft (MSFT.O) last month failed to fully fix a critical flaw in U.S. tech giant’s SharePoint server software that had been identified in May, opening the door to a sweeping global cyber espionage operation.

It remains unclear who is behind the ongoing operation, which targeted around 100 organisations over the weekend. But Alphabet’s (GOOGL.O) Google, which has visibility into wide swathes of internet traffic, said it tied at least some of the hacks to a “China-nexus threat actor”.

The Chinese Embassy in Washington did not respond to a Reuters request for comment. Chinese government-linked operatives are regularly implicated in cyberattacks, but Beijing routinely denies carrying out hacking operations.

Contacted on Tuesday, Microsoft was not immediately able to provide comment on the patch and its effectiveness.

The vulnerability that facilitated the attack was first identified in May at a hacking competition in Berlin organised by cybersecurity firm Trend Micro (4704.T), which offered cash bounties for the discovery of computer bugs in popular software.

It offered a $100,000 prize for “zero day” exploits – so called because they leverage previously undisclosed digital weaknesses – that could be used against SharePoint, Microsoft’s flagship document management and collaboration platform.

A researcher working for the cybersecurity arm of Viettel, a telecommunications firm operated by Vietnam’s military, identified a SharePoint bug at the event, dubbed it ‘ToolShell’ and demonstrated a method of exploiting it.

The researcher was awarded $100,000 for the discovery, according to a post on X by Trend Micro’s “Zero Day Initiative”. A spokesperson for Trend Micro did not immediately respond to Reuters’ requests for comment regarding the competition on Tuesday.

Microsoft subsequently said in a July 8 security update that it had identified the bug, listed it as a critical vulnerability, and released patches to fix it.

Keep reading

Microsoft ends use of China-based computer engineers for certain Defense Dept projects amid espionage fears

Microsoft said it will cease using China-based computer engineering teams for work on Pentagon cloud systems, after an investigation this week led to national security concerns at the highest levels over a program that Microsoft has used since 2016.

ProPublica report released Tuesday accused Microsoft of allowing China-based engineers to assist with Pentagon cloud systems with inadequate guardrails in an effort to scale up its government contracting business. 

The report got the attention of GOP lawmakers and the Trump administration, with Defense Secretary Pete Hegseth insisting Friday that foreign engineers from “any country … should NEVER be allowed to maintain or access DOD systems.” He added that the Defense Department would be “looking into this ASAP.”

After Hegseth’s indication that the Pentagon would be looking into the matter, Fox News Digital reached out to Microsoft, which responded that it would be ceasing its use of China-based computer engineers providing assistance to sensitive Defense Department cloud “and related” services.

Keep reading

Report: Microsoft’s Chinese Engineers Access Pentagon Systems with Minimal Oversight from ‘Digital Escorts’

Microsoft is using engineers in China to help maintain the Defense Department’s computer systems — with minimal supervision by U.S. personnel — leaving some of the nation’s most sensitive data vulnerable to hacking from its leading cyber adversary, a ProPublica investigation has found.

A ProPublica investigation has uncovered that Microsoft is relying on engineers based in China to help maintain sensitive computer systems for the U.S. Department of Defense, with only minimal oversight from U.S. personnel. This arrangement, which Microsoft deems critical to winning the Pentagon’s cloud computing business, could potentially expose some of the country’s most sensitive data to espionage and hacking by China.

The system relies on U.S. workers with security clearances, known as “digital escorts,” to supervise the Chinese engineers and serve as a firewall against malicious activities. However, ProPublica found that these escorts often lack the advanced technical skills needed to effectively monitor the foreign workers, who possess far greater coding expertise. Some escorts are ex-military with little software engineering experience, earning barely above minimum wage.

Keep reading