Particle.news

Wyden Asks FTC to Probe Microsoft Over Ascension Ransomware, Citing Insecure Defaults

He says Microsoft's default settings and legacy encryption choices left hospitals exposed to preventable attacks.

Overview

  • In a Sept. 10 letter, Sen. Ron Wyden urged FTC Chair Andrew Ferguson to investigate Microsoft for "gross cybersecurity negligence"; the FTC acknowledged receipt and declined further comment.
  • Wyden's review cites Ascension’s May 2024 breach, which began after a contractor clicked a malicious Bing search result, exposed data for about 5.6 million patients, and disrupted care.
  • Attackers allegedly leveraged Kerberoasting against Microsoft Active Directory, exploiting Windows’ default support for the obsolete RC4 cipher to obtain privileged access and deploy ransomware.
  • Microsoft says RC4 represents less than 0.1% of its traffic and that an immediate shutdown would break customer systems, adding it plans to disable RC4 by default in new Active Directory domains starting in Q1 2026 and provide additional mitigations.
  • Wyden says his staff warned Microsoft in July 2024 and that a promised update following an October 2024 technical blog has not been delivered, arguing the company’s defaults and market dominance pose systemic risk.
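The Kerberoasting point above rests on one detail: a service ticket issued with the legacy RC4 cipher is far cheaper to crack offline than an AES one, so defenders watch for RC4 service-ticket requests. The following script is an added example, not code from the article, Microsoft, or Wyden's office. It runs over constructed records shaped like the fields of Windows Security event 4769 (field names, account names and IPs are assumptions), flags tickets issued with RC4-HMAC (encryption type 0x17), and reports accounts requesting RC4 tickets for many distinct services, which is the usual Kerberoasting indicator. A small helper also checks whether an account's msDS-SupportedEncryptionTypes bitmask still permits RC4, the setting Microsoft says it will turn off by default in new domains.

```python
"""Flag RC4 (etype 0x17) Kerberos service-ticket requests as a Kerberoasting indicator.

Added example, not part of the Particle.news summary. The event records below are
constructed to resemble Windows Security event 4769 fields; the field names and
values are assumptions, not real log data.
"""
from collections import defaultdict

# Kerberos encryption type identifiers (RFC 3961 / MS-KILE).
RC4_HMAC = 0x17
ETYPE_NAMES = {
    0x17: "RC4-HMAC",
    0x11: "AES128-CTS-HMAC-SHA1-96",
    0x12: "AES256-CTS-HMAC-SHA1-96",
}

# msDS-SupportedEncryptionTypes bit flags (MS-KILE); RC4 is bit 0x4.
SUPPORTED_ENC_RC4_BIT = 0x4
SUPPORTED_ENC_AES_BITS = 0x8 | 0x10

# Constructed sample events (not real data): one account pulls RC4 tickets
# for several services from one host, which is the classic pattern.
SAMPLE_EVENTS = [
    {"event_id": 4769, "account": "alice@CORP.LOCAL", "service": "krbtgt",
     "etype": 0x12, "client_ip": "10.0.0.5"},
    {"event_id": 4769, "account": "contractor1@CORP.LOCAL", "service": "MSSQLSvc/db01",
     "etype": 0x17, "client_ip": "10.0.0.77"},
    {"event_id": 4769, "account": "contractor1@CORP.LOCAL", "service": "HTTP/web01",
     "etype": 0x17, "client_ip": "10.0.0.77"},
    {"event_id": 4769, "account": "contractor1@CORP.LOCAL", "service": "CIFS/fs01",
     "etype": 0x17, "client_ip": "10.0.0.77"},
    {"event_id": 4769, "account": "bob@CORP.LOCAL", "service": "HTTP/web01",
     "etype": 0x12, "client_ip": "10.0.0.9"},
    # A TGT request (4768) is not a service-ticket request and is ignored.
    {"event_id": 4768, "account": "bob@CORP.LOCAL", "service": "krbtgt",
     "etype": 0x12, "client_ip": "10.0.0.9"},
]


def rc4_service_ticket_requests(events):
    """Return 4769 events whose ticket was issued with RC4-HMAC.

    Tickets for the krbtgt service are TGT renewals/requests rather than
    service tickets, so they are excluded from the indicator.
    """
    return [
        e for e in events
        if e["event_id"] == 4769
        and e["etype"] == RC4_HMAC
        and e["service"].lower() != "krbtgt"
    ]


def kerberoast_candidates(events, threshold=3):
    """Map account -> sorted distinct services for accounts that requested
    RC4 service tickets for at least `threshold` different services."""
    per_account = defaultdict(set)
    for e in rc4_service_ticket_requests(events):
        per_account[e["account"]].add(e["service"])
    return {
        acct: sorted(services)
        for acct, services in per_account.items()
        if len(services) >= threshold
    }


def rc4_still_allowed(supported_enc_types):
    """True if an account's msDS-SupportedEncryptionTypes value permits RC4.

    A value of 0 (attribute unset) means the domain default applies; in
    domains that still default to RC4 that effectively allows it too.
    """
    if supported_enc_types == 0:
        return True
    return bool(supported_enc_types & SUPPORTED_ENC_RC4_BIT)


if __name__ == "__main__":
    for acct, services in kerberoast_candidates(SAMPLE_EVENTS).items():
        print(f"RC4 service tickets for {len(services)} services: {acct} -> {services}")
    # A service account hardened to AES-only should report False here.
    print("AES-only account still allows RC4:", rc4_still_allowed(SUPPORTED_ENC_AES_BITS))
```

In production the `threshold` and time window need tuning, and the same check should be correlated with `client_ip` so that one workstation requesting many RC4 tickets stands out even when it uses several accounts; the `rc4_still_allowed` check is the inventory step that tells you which service accounts would still be exposed before the default changes.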