Connect with us

Tech

Microsoft president testifies over security lapses after China-linked hack

Published

on

Microsoft president testifies over security lapses after China-linked hack

The Microsoft emails Russian hackers accessed also “included correspondence with government officials”, Democratic congressman Bennie Thompson said.

“Microsoft is one of the federal government’s most important technology and security partners, but we cannot afford to allow the importance of that relationship to enable complacency or interfere with our oversight,” he added.

Department of Homeland Security Secretary Alejandro Mayorkas. Photo: Reuters

The hearing drew on the findings of a scathing report in April by the Cyber Safety Review Board (CSRB) – formed by US Secretary of Homeland Security Alejandro Mayorkas – which slammed Microsoft for its lack of transparency over the Chinese hack that it said was preventable.

“We accept responsibility for each and every finding in the CSRB report,” Smith said in his opening statement, adding that the company had already begun working on a majority of the report’s recommendations.

He said cyberattacks had increased and become sophisticated over time, and public-private partnerships were critical in defending against them.

“We’re dealing with formidable foes in China, Russia, North Korea, Iran, and they’re getting better,” said Smith. “They’re getting more aggressive … They’re waging attacks at an extraordinary rate.”

When questioned about why Microsoft could not discover the Chinese intrusion and it was the State Department that did, Smith said: “That’s the way it should work. No one entity in the ecosystem can see everything.”

But Thompson was not convinced.

“It’s not our job to find the culprits. That’s what we’re paying you for,” Thompson told Smith.

Microsoft’s presence in China creates a mix of complex challenges and risks. We have to talk about that today

US congressman Mark Green

Lawmakers also pushed Smith for details on Microsoft’s business and presence in China.

“Over the years, Microsoft has invested heavily in China setting up research incentives, including the Microsoft Research Asia centre in Beijing,” said congressman Mark Green from Mississippi, chairman of the homeland security panel.

“Microsoft’s presence in China creates a mix of complex challenges and risks. We have to talk about that today.”

Smith said around 1.5 per cent of the company’s revenue came from China, and that it was working on reducing its engineering presence there.

The world’s biggest software-maker and a major vendor to the US government and national security establishment, Microsoft has faced heightened criticism from its security industry peers over the past year over the breaches and lack of transparency.

Following the board’s criticisms, Microsoft had said it was working on improving its processes and enforce security benchmarks. In November it launched a new cybersecurity initiative and said it was making security the company’s top priority “above all else – over all other features”.
Continue Reading