Congress hammers Microsoft president on security after hacks The Register

pLawmakers on Thursday grilled Microsoft president Brad Smith about the Windows giants businesses dealing in China and the supercorps repeated security failings at a time when Beijingbacked spies are accused of breaking into Microsofthosted email accounts of American government officialsppA US House committee hearing was held in response to the Homeland Security Cyber Safety Review Boards CSRB report which found that a cascade of Microsofts avoidable errors allowed Beijings Storm0558 spy crew to steal tens of thousands of sensitive emails from the cloudbased Microsoft Exchange Online inboxes of US Secretary of Commerce and highranking officials at the Department of State among othersppThat theft was enabled by a cryptographic key stolen from a crash dump file on Microsofts internal corporate networkppMicrosoft accepts responsibility for each and every one of the issues cited in the CSRBs report Smith said in his opening statements before the House Committee on Homeland SecurityppBut then in response to questioning Smith also tried to say the fact that the US State Department  not Microsoft  discovered the digital intrusion into its officials inboxes wasnt exactly a security failure on Redmonds part but rather the way it should workppQuite frankly were still not sure what Jedimind trick Smith thought he was pulling with that statementppIndeed challenging that move House Rep Bennie Thompson DMS told Smith Microsoft didnt find the problem It was the State Department that found the problem Help us outppSmith responded in a way that brazenly tried to offload the blame to othersppThats a great question And the one thing Id ask all of us to think about is thats the way it should work No one entity in the ecosystem can see everything so we all need to work togetherppGive us a breakppThompson didnt let Smith off the hook with that answer and pointed out that Microsoft provides about 85 percent of the productivity software used by the federal government Plus Redmond is a major security and cloud services provider to the Feds  ppBecause you are such a big customer of government we rely heavily on your product and its not our job to find the culprits the ranking committee member said Thats what were paying you forppOther congress members interrogated Smith about Microsofts presence in China and whether Redmond could be forced to hand over code or customers sensitive data to comply with Beijings national security lawsppSmith told lawmakers that Microsofts business in China represents about 15 percent of his companys revenue and that it recently told some 800 engineers in the country that they needed to move out of China to keep their positionsppRepresentative Carlos Gimenez RFL pointed to a 2017 national intelligence law in the Middle Kingdom that can be used to force people and organizations operating in the country into assisting Chinese intelligence agencies Their exchange then went like thisppGimenez Do you operate in China ppSmith Yes we doppGimenez Do you comply with this law ppSmith No we do not ppGimenez How is it you got away with not complying with the law Do you have a waiver from the Chinese government saying that you dont have to comply with this lawppSmith No we do notppI just dont trust what youre saying to me Gimenez said Youre operating in China You have a cozy relationship in China Youre there They allow you to be there and I dont believe that theyre going to say Yeah okay no problem You dont have to comply with our law that everybody else does Every other foreign company has to but not MicrosoftppRep Marjorie Taylor Greene RGA used her five minutes of questioning to advance her conspiracy theories about the CSRB which was established under President Joe Bidens Executive Order 14028 on Improving the Nations Cybersecurity and is housed within the US Cybersecurity and Infrastructure Agency CISAppCISA also has a bad reputation especially among Republicans They colluded with big tech and social media companies stripping Americans of their First Amendment rights Greene saidppThe Register reached out to Greenes office to help us decode that claim and did not receive a response ppSend us newsppThe Register Biting the hand that feeds ITpp
Copyright All rights reserved 19982024

p