Microsoft President Brad Smith will appear before the House of Representatives Homeland Security Committee on Thursday to address growing cyberattacks and security concerns.
In his testimony, Smith will acknowledge Microsoft’s responsibility for recent cyberattacks, including hacks originating in China, and describe the steps the company has taken to address security vulnerabilities. Here are all the details…
Microsoft President Smith to take responsibility for cyber attacks
In recent years, Microsoft has been the target of two major cyberattacks. The first was in July 2022, when a Chinese-backed group hacked into the email accounts of several senior officials, including Commerce Secretary Gina Raimondo and State Department officials. In the second attack, hackers linked to Russian intelligence targeted Microsoft, infiltrating the email systems of several federal agencies.
These incidents raised serious concerns about Microsoft’s cybersecurity measures. In a report published in April, the Cybersecurity Review Board (CSRB) stated that the Chinese attack was preventable and was caused by Microsoft’s security vulnerabilities. This prompted some senators to oppose the Pentagon’s plans to use Microsoft products and rival companies to step up their lobbying of government agencies.
In response to the criticism, Microsoft launched a new cybersecurity plan called the “Secure Future Initiative”. Under this plan, managers’ performance evaluations will be based on cybersecurity achievements, and company resources will be directed to security investments instead of rapid product development.
In his congressional address, Smith will acknowledge the criticisms in the CSRB report and explain how the Secure Future Initiative will address these issues. Smith will also state they are prepared to host CISA officials for a “detailed technical briefing” at Microsoft headquarters.
This congressional hearing is critical because the federal government heavily relies on Microsoft products. Many government agencies rely on Microsoft products such as operating systems, email services, cybersecurity software, and office software. Organizations such as the Software and Information Industry Association call on the government to reduce its dependence on a single company and seek alternative solutions.
Featured image credit: Microsoft
