At a congressional hearing this week, Microsoft President Brad Smith acknowledged the company’s role in a massive security breach that allowed China-linked hackers to penetrate federal computer networks. He also defended the company’s work under communist dictatorships.
CNBC Reports Smith offered remorse in testimony before the House Homeland Security Committee and pledged to address security flaws in Microsoft products widely used by federal agencies. But Republicans shifted focus to Microsoft’s activities in China, questioning whether the company could strengthen cybersecurity while operating in a country where the government by law requires it to access data from companies and other organizations.
Cyber threats from China. Chinese hacker operating a computer. Binary code with the colors of the Chinese flag in the background. DDoS attack (Dmitry Nogaev/Getty Images).
Smith argued that Microsoft’s data centers and cloud services in China are primarily provided to U.S. and other non-Chinese companies, helping to protect trade secrets. He also noted that Microsoft’s China operations account for only 1.4% to 1.5% of the company’s total revenue. When asked by Rep. Carlos Gimenez (R-Fla.) whether it was worth doing business in China, Smith argued that Microsoft was not complying with China’s 2017 National Intelligence Law, which requires companies to provide information requested by the government, and that it had refused some of Beijing’s requests, but did not provide details.
The hearing was organized following the release of a scathing government report in April that found Microsoft made “a series of mistakes” that allowed government-backed Chinese hackers to penetrate email accounts used by federal employees and officials, including the theft of Commerce Secretary Gina Raimondo’s emails. The report, issued by the Cyber Security Review Board, concluded that the intrusion was “preventable” and criticized Microsoft’s corporate culture for underestimating corporate security investments and rigorous risk management.
Smith assured lawmakers that Microsoft fully accepts the report’s findings and is implementing its recommendations. The company has deployed about 34,000 engineers to focus on security, which Smith described as “the largest cybersecurity engineering project in the history of digital technology.” He acknowledged that while Microsoft has not lost sight of the importance of security, many in the workforce have become overly reliant on large teams of security experts to address potential cyber threats, rather than viewing security as a collective responsibility.
Click here for details CNBC is here.
Lucas Nolan is a reporter for Breitbart News covering free speech and online censorship.
