HomeWinBuzzer NewsLawmakers Question Microsoft´s Brad Smith Over China Ties and Security Failures

Lawmakers Question Microsoft´s Brad Smith Over China Ties and Security Failures

Brad Smith faced questions from lawmakers about operations in China and errors that facilitated a cyber-attack by chinese hackers.

-

During a recent congressional hearing, President Brad Smith faced questions from lawmakers about the company's security issues and its operations in China. Allegations of cyber espionage by a group purportedly linked to Beijing, targeting email accounts of U.S. government officials hosted by Microsoft, prompted the U.S. House Committee on Homeland Security to hold this session.

A report from the Homeland Security Cyber Safety Review Board (CSRB) indicated that errors made by Microsoft had facilitated a cyber-attack by China's Storm-0558 group.

Security Failures Under Scrutiny

The CSRB found that several preventable mistakes by Microsoft allowed Chinese hackers to access sensitive emails from Microsoft Exchange Online accounts. This breach affected email communications of high-ranking officials, including the U.S. Secretary of Commerce. Smith accepted Microsoft's fault for the security lapses, as detailed in the report.

Microsoft accepts responsibility for each and every one of the issues cited in the CSRB's report“, Smith said in his opening statements before the House Committee on Homeland Security.

However, he suggested that the U.S. State Department's discovery of the breach was an expected outcome rather than a failure on Microsoft's part—a notion that lawmakers, particularly House Rep Bennie Thompson (D-MS), found dubious, asking “Microsoft didn't find the problem. It was the State Department that found the problem. Help us out“. 

That's a great question. And the one thing I'd ask all of us to think about is that's the way it should work. No one entity in the ecosystem can see everything, so we all need to work together“, Smith replied.

Thompson highlighted the importance of Microsoft's role in identifying security breaches, considering its widespread adoption by federal agencies. He noted that Microsoft supplies approximately 85 percent of the productivity software utilized by the federal government and that Redmond is a key provider of security and cloud services to federal entities.

Because you are such a big customer of government, we rely heavily on your product, and it's not our job to find the culprits“, Thompson  argued, adding, “That's what we're paying you for“.

Microsoft's China Operations

Scrutiny also extended to Microsoft's business dealings in China and its compliance with local laws. Smith revealed that China accounts for about 1.5 percent of Microsoft's revenue, and around 800 engineers have been asked to move out of China to retain their jobs.

Lawmakers, particularly Representative Carlos Gimenez (R-FL), expressed concerns about a 2017 Chinese law requiring companies to support intelligence activities. Smith affirmed that Microsoft does not comply with this law, but this assertion faced skepticism, with Gimenez questioning how Microsoft could operate in China without adhering to local regulations.

Political Reactions and Conspiracy Theories

Rep Marjorie Taylor Greene (R-GA) used her time to accuse the CSRB and the U.S. Cybersecurity and Infrastructure Agency (CISA) of colluding with tech firms to infringe on First Amendment rights. Greene's office did not respond to requests for clarification on her claims.

The hearing highlighted ongoing apprehensions about cybersecurity and the challenges of maintaining operational integrity in China under stringent national security regulations.

Markus Kasanmascheff
Markus Kasanmascheff
Markus has been covering the tech industry for more than 15 years. He is holding a Master´s degree in International Economics and is the founder and managing editor of Winbuzzer.com.

Recent News

Mastodon