Microsoft faces heat from US Congress over cybersecurity
Members of US Congress on Thursday pressed Microsoft to explain a "cascade of avoidable errors" that allowed a Chinese hacking group to breach emails of senior US officials.
Microsoft President Brad Smith spent more than three hours answering questions from members of the House Committee on Homeland Security in Washington, assuring them cybersecurity is being woven more deeply into the technology company's culture.
"Microsoft accepts responsibility for each and every one of the issues cited" in a scathing US government report about the breach "without equivocation or hesitation," Smith told the committee.
The Cyber Safety Review Board (CSRB), led by the US Department of Homeland Security, conducted a seven-month investigation into the incident last year that involved the China-affiliated cyberespionage actor Storm-0558.
"Microsoft has an enormous footprint in both government and critical infrastructure networks," US congressman and committee member Bennie Thompson said to Smith as the hearing opened.
"It is our shared interest that the security issues raised by the (report) be addressed quickly."
The operation, which was first discovered by the US State Department in June 2023, included hacks on the official and personal mailboxes of Commerce Secretary Gina Raimondo and US Ambassador to China Nicholas Burns.
Microsoft's core business is to provide cloud computing services, such as Azure or Office360, that host sensitive data and power business and government operations across major sectors of the economy.
The report criticized a Microsoft corporate culture that was "at odds with... the level of trust customers place in the company."
The review identified a series of operational and strategic decisions by Microsoft that opened the door to the breach, including the failure to identify a new employee's compromised laptop following a corporate acquisition in 2021.
It also found that Microsoft fell short of safety standards seen at competing cloud companies, including Google,
Read more on tech.hindustantimes.com
