Microsoft President Grilled By US Lawmakers After China, Russia Hacks

Senior Microsoft executive has appeared before US lawmakers and accepted responsibility for the recent cyber intrusions on US government systems by China and Russia.

Reuters reported that Microsoft President Brad Smith appeared before a House homeland security panel on Thursday, when he answered questions that centred over recent cyberattacks, and Redmond’s links to China.

Brad Smith’s appearance comes after Microsoft was heavily criticised for its cybersecurity lapses and a lack of transparency in a scathing report in April by the Cyber Safety Review Board (CSRB).

China, Russia hacks

That report identified a series of Microsoft operational and strategic decisions that collectively pointed to a corporate culture that deprioritised enterprise security investments and rigorous risk management, at odds with the company’s centrality in the technology ecosystem and the level of trust customers place in the company to protect their data and operations.

US officials and Microsoft had acknowledged in July 2023 that hackers suspected to be allied to the Chinese government, had accessed the accounts of about 25 organisations, including the US Commerce and State Departments.

Microsoft then revealed that the attack group Storm-0558, affiliated with the People’s Republic of China, had used an acquired Microsoft account (MSA) consumer key to forge tokens to access OWA (Outlook Web Access) and Outlook.com.

China denied the hack (as it commonly does), but it emerged that the US State Department staff whose accounts were compromised mostly focused on Indo-Pacific diplomacy, and the hackers had obtained a list of all the department’s email accounts.

In August 2023 it emerged that Microsoft’s role in the breach of government officials’ email accounts by suspected Chinese hackers was to be officially investigated.

In October 2023 the US State Department confirmed the Microsoft hack was linked to China, and resulted in theft of about 60,000 emails from 10 accounts, including the US ambassador to China.

Meanwhile Russia-linked cybercriminals separately spied on Microsoft’s senior staff emails this year, according to the company’s disclosures.

Congress hearing

Thus after those incidents, plus the damning CSRB report, Brad Smith fielded questions about Microsoft’s security practices and ties to China at a House homeland security panel on Thursday.

Reuters reported that the congressional hearing comes amid increasing federal scrutiny over Microsoft, which is a key vendor to the US government and national security establishment. Microsoft’s business accounts for around 3 percent of the US federal IT budget, Smith reportedly said at the hearing.

Lawmakers grilled Microsoft for its inability to prevent both the Russian and Chinese hacks, which they said put federal networks at risk despite not using sophisticated means.

The company emails Russian hackers accessed also “included correspondence with government officials,” Democrat Bennie Thompson was quoted as saying.

“Microsoft is one of the federal government’s most important technology and security partners, but we cannot afford to allow the importance of that relationship to enable complacency or interfere with our oversight,” he reportedly said.

“We accept responsibility for each and every finding in the CSRB report,” Smith reportedly said at the hearing, adding that Microsoft had begun acting on a majority of the report’s recommendations.

“We’re dealing with formidable foes in China, Russia, North Korea, Iran, and they’re getting better,” said Smith. “They’re getting more aggressive … They’re waging attacks at an extraordinary rate.”

However Congressman Thompson criticised Microsoft for failing to detect the hack, which was discovered instead by the US State Department. Smith reportedly responded saying: “That’s the way it should work. No one entity in the ecosystem can see everything.”

But Congressman Thompson was not convinced.

“It’s not our job to find the culprits. That’s what we’re paying you for,” Thompson was quoted as saying.

China withdrawal

Panel members also probed Smith for details on Microsoft’s business in China, noting that it had invested heavily in setting up research incentives there.

“Microsoft’s presence in China creates a mix of complex challenges and risks,” said Congressman Mark Green from Mississippi, who chaired the panel.

Microsoft earns around 1.5 percent of its revenue from China and is working to reduce its engineering presence there, said Smith.

Last month it was reported that Microsoft was pulling hundreds of its skilled workforce out of China, by offering them relocation to the United States and other countries.

The Wall Street Journal (WSJ) had reported on the relocation offer from Microsoft to about 700 to 800 of its AI and cloud engineers in China, amid growing tensions between Washington and Beijing.

In November 2023 CEO Satya Nadella confirmed that Microsoft isn’t focused on China as a domestic market, but does do business with major Chinese companies operating outside the country.

Last year Microsoft’s LinkedIn stopped operating its InCareer jobs app for professional users in mainland China, citing “fierce competition and a challenging macroeconomic climate.”

The move came two years after Microsoft had shut down the localised version of its main LinkedIn app for users in China.