Lawmakers on Thursday questioned Microsoft President Brad Smith about the Windows giant’s businesses trading in China — and the supercorp’s repeated security lapses — at a time when Beijing-backed spies are accused of breaking in in Microsoft-hosted email accounts of US government officials.
A hearing was held in the U.S. House of Representatives in response to the Homeland Security Cyber Safety Review Board (CSRB) report, which found that a “cascade of preventable mistakes by Microsoft” destroyed the Storm-0558 spy squad enabled Beijing to steal tens of thousands of sensitive emails from the cloud. -based Microsoft Exchange Online inboxes from the US Secretary of Commerce and senior State Department officials, among others.
“Microsoft accepts responsibility for each of the issues raised in the CSRB report,” Smith said in his opening statements before the House Committee on Homeland Security.
And then, in response to questions, Smith also tried to say that the fact that the US State Department – and not Microsoft – discovered the digital intrusion into its officials’ inboxes was not a security failure by Redmond, but rather “the way where it should be’. work.”
Honestly, we’re still not sure what Jedi mind trick Smith thought he was pulling with this statement.
But, as House Representative Bennie Thompson (D-MS) told Smith, “Microsoft didn’t find the problem. It was the State Department that found the problem. Help us.”
Smith responded in a manner that brazenly attempted to shift the blame onto others:
Give us a break.
Thompson didn’t let Smith off the hook with that answer, pointing out that Microsoft provides about 85 percent of the productivity software used by the federal government. In addition, Redmond is a major provider of security and cloud services for the Fed.
“Because you are such a big customer of the government, we rely heavily on your product, and it is not our job to find the culprits,” the ranking committee member said. “We’ll pay you for that.”
Other members of Congress questioned Smith about Microsoft’s presence in China, and whether Redmond could be forced to turn over code or sensitive customer data to comply with Beijing’s national security laws.
Smith told lawmakers that Microsoft’s business in China represents about 1.5 percent of his company’s revenue, and that it recently told about 800 engineers in the country to leave China to keep their positions.
Rep. Carlos Gimenez (R-FL) pointed to a 2017 national intelligence law in the Middle Kingdom that could be used to force people and organizations operating in the country to help Chinese intelligence services. Their exchange then went as follows:
“I just don’t trust what you’re saying to me,” Gimenez said. “You’re active in China. You have a cozy relationship in China. You’re there. They allow you to be there, and I don’t think they’re going to say, ‘Yes, okay, no problem.’ You don’t have to obey our law like everyone else does.’ Every other foreign company has to do that, but not Microsoft.”
Rep. Marjorie Taylor Greene (R-GA) used her five minutes of questioning to advance her conspiracy theories about the CSRB, which was created under President Joe Biden’s Executive Order 14028 on ‘Improving the Nation’s Cybersecurity,’ and is housed within U.S. Cybersecurity and Agency for Infrastructure (CISA).
“CISA also has a bad reputation, especially among Republicans. They have conspired with major technology and social media companies and deprived Americans of their First Amendment rights,” Greene said.
The register contacted Greene’s office to help us decipher that claim, but received no response. ®