Microsoft President Brad Smith appeared before a House Homeland Security panel on Thursday to address pressing concerns about the company’s security measures and its connections with China. This hearing comes nearly a year after alleged China-linked hackers infiltrated the firm’s systems to spy on federal emails.
Last summer, these hackers accessed 60,000 U.S. State Department emails by breaching Microsoft’s security, according to the company’s disclosures. Additionally, Russian-linked cybercriminals compromised the emails of Microsoft’s senior staff earlier this year. These breaches have intensified federal scrutiny of Microsoft, a crucial software provider to the U.S. government, responsible for about 3% of the federal IT budget.
Lawmakers were particularly critical of Microsoft’s inability to prevent the security breaches attributed to both Russian and Chinese hackers. They argued that these incidents posed significant risks to federal networks, highlighting that the methods used by the hackers were not particularly sophisticated.
Related: Microsoft President Brad Smith to Testify Before Congress on Security Breaches
Democratic Representative Bennie Thompson emphasized the seriousness of the situation, noting that the Russian hackers’ access included correspondence with government officials. “Microsoft is one of the federal government’s most important technology and security partners,” Thompson stated. “But we cannot afford to allow the importance of that relationship to enable complacency or interfere with our oversight.”
The hearing also referenced a damning report from April by the Cyber Safety Review Board (CSRB), a group of experts established by U.S. Secretary of Homeland Security Alejandro Mayorkas. The CSRB’s report criticized Microsoft for a lack of transparency regarding the China hack and labeled the breach as preventable.
Smith accepted responsibility for the CSRB report’s findings and assured the panel that Microsoft has already begun implementing many of the report’s recommendations. “We’re dealing with formidable foes in China, Russia, North Korea, Iran, and they’re getting better,” Smith said. “They’re getting more aggressive … They’re waging attacks at an extraordinary rate.”
Thompson also criticized Microsoft for its failure to detect the breach, which was ultimately discovered by the U.S. State Department. Smith defended the company’s actions, stating, “That’s the way it should work. No one entity in the ecosystem can see everything.”
Source: Reuters
Featured News
Big Tech Braces for Potential Changes Under a Second Trump Presidency
Nov 6, 2024 by
CPI
Trump’s Potential Shift in US Antitrust Policy Raises Questions for Big Tech and Mergers
Nov 6, 2024 by
CPI
EU Set to Fine Apple in First Major Enforcement of Digital Markets Act
Nov 5, 2024 by
CPI
Six Indicted in Federal Bid-Rigging Schemes Involving Government IT Contracts
Nov 5, 2024 by
CPI
Ireland Secures First €3 Billion Apple Tax Payment, Boosting Exchequer Funds
Nov 5, 2024 by
CPI
Antitrust Mix by CPI
Antitrust Chronicle® – Remedies Revisited
Oct 30, 2024 by
CPI
Fixing the Fix: Updating Policy on Merger Remedies
Oct 30, 2024 by
CPI
Methodology Matters: The 2017 FTC Remedies Study
Oct 30, 2024 by
CPI
U.S. v. AT&T: Five Lessons for Vertical Merger Enforcement
Oct 30, 2024 by
CPI
The Search for Antitrust Remedies in Tech Leads Beyond Antitrust
Oct 30, 2024 by
CPI