Set-up: On June 14th @Serghei for Bleeping Computer tweeted that “Microsoft says it still doesn’t know how Storm-0558 Chinese hackers stole an inactive MSA consumer signing key used to breach the Exchange Online and Azure AD accounts of two dozen organizations, including U.S. government agencies.”
Bleeping Computer appeared to rely on a June 14th update to Microsoft's security blog, specifically that:
Microsoft Marketing Instructional on Hardware Security Modules (HSM)
If I understand Microsoft's learning piece on Azure Key Vault Managed HSM correctly, Microsoft signing keys, including MSA consumer signing keys, are protected by Hardware Security Modules (HSMs). Azure Key Vault is offered either as a cloud-based, unmanaged HSM or as a Microsoft-managed HSM with the attributes listed in the article. However, in Microsoft's own description of the service we learn that Azure Key Vault Managed HSM lets customers "Import keys from your on-premises HSMs" and "Generate HSM-protected keys in your on-premises HSM and import them securely into Managed HSM."
This suggests that signing keys, among other keys, may be generated on a physical on-premises HSM under the customer's control, whether a portable device or a module attached to their local computers or servers, and only then imported into the cloud service.
As discussed on Strategy Shelf on Saturday, July 15th, Microsoft has a robust server business in Singapore and has set up a major server and hardware recycling facility there, the Microsoft Circular Center, for hardware lifecycle management.
More Specific Questions
Considering all of the above, today we can ask more specifically: Did Storm-0558 gain access to an on-premises Hardware Security Module (or modules), whether on a Microsoft customer's hardware or on Microsoft Corporation's own hardware, and use that access to forge an MSA consumer signing key?
If the access to the HSM and the acquisition of signing keys came from a Microsoft B2B customer's on-premises hardware, at what point in the hardware's lifecycle was it exploited or breached: during manufacturing, in the supply chain, or on site?
If the HSM relies on an embedded chip, is it possible that the chip was tampered with in the supply chain by Chinese state actors, or by insiders run by them, to make it easier for the attackers to extract the signing keys?
Or, in the alternative, was the hack enabled by physical theft and/or a breach of the HSM hardware itself while it was on premises or in a transitional phase of its lifecycle (in transit, in storage, or awaiting recycling)?