![Microsoft faces heat from US Congress over cybersecurity](https://www.portugalcolonial.pt/media/shared/articles/f7/bb/eb/Microsoft-faces-heat-from-US-Congre-118663.jpg)
-
'Lucky' Sinner defeats big-hitting Berrettini to reach Wimbledon third round
-
Messi a doubt for Argentina ahead of Copa quarter-final
-
British tennis ace Raducanu votes for 'lie-in' on election day
-
France film director Jacquot charged with raping two actors
-
Israel 'evaluating' new Hamas 'ideas' on halting Gaza war
-
Venezuela, US agree to 'improve relations,' says Caracas
-
Under-fire Kenya govt says to review state salary hikes
-
Thousands told to flee raging California wildfire
-
Osaka focuses on Olympics after Wimbledon KO
-
Tens of thousands flee south Gaza as tensions soar
-
US Fed officials stressed 'patience' on rate cuts: minutes
-
Blond not bombs as Fognini learns to love Wimbledon
-
New lithium plant inaugurated in Argentina
-
Threads hits 175 mn users on first anniversary
-
French court says Netflix shark hit can keep streaming in copycat row
-
Comeback king 'Cav' to carry on doing the thing he loves
-
Alcaraz marches on at Wimbledon as Osaka returns to Centre Court
-
Biden under pressure as Democratic panic rises
-
Belarus frees 'some political prisoners': exiled opposition leader
-
Alcaraz coasts into Wimbledon third round
-
Cavendish makes Tour de France history with 35th stage win
-
Everton sign forward Ndiaye from Marseille
-
Bailed Indian opposition leader to return as chief minister
-
World's oldest artwork discovered in Indonesian cave
-
Toney urges England to kick on after Euros reprieve
-
Murray teams up with Raducanu in Wimbledon mixed doubles
-
Former England rugby coach Jack Rowell dies aged 87
-
Hurricane Beryl bears down on Jamaica
-
US trade deficit expands less than expected in May: govt
-
'The god took away my son': Indians grieve after deadly stampede
-
Moscow hit by heat not seen in over a century
-
US private hiring eases unexpectedly in June: ADP
-
Confident Kroos says Germany-Spain clash 'won't be my last game'
-
Paris bars to open 24h for Olympics opening ceremony
-
Putin, Xi vie for influence at Central Asian summit
-
Germany, Sweden arrest eight over Syria crimes against humanity
-
French giant Mpetshi Perricard joins Wimbledon heavy artillery
-
Two-time Major winner Langer to make 'emotional' European Tour bow
-
French PM urges united front to stop far-right takeover
-
Olympic silver medallist gymnast Poujade dies at 51
-
Bhole Baba: preacher at centre of Indian stampede disaster
-
Microsoft to invest 2.2 bn euros in Spain data centres
-
Showdowns, young guns and own goals as Euro 2024 head into quarter-finals
-
Russia advances in east, kills five in Dnipro strikes
-
France prosecutors request rape charges against film director
-
Schumacher blackmail suspects had 'family photos'
-
EU clears Lufthansa's proposed ITA Airways stake, with conditions
-
Indian World Cup winners head home after hurricane delay
-
120,000 'stolen' babies: Georgia's trafficking scandal
-
Only far right can win absolute majority, French PM warns
![Microsoft faces heat from US Congress over cybersecurity](https://www.portugalcolonial.pt/media/shared/articles/f7/bb/eb/Microsoft-faces-heat-from-US-Congre-118663.jpg)
Microsoft faces heat from US Congress over cybersecurity
Members of US Congress on Thursday pressed Microsoft to explain a "cascade of avoidable errors" that allowed a Chinese hacking group to breach emails of senior US officials.
Microsoft President Brad Smith spent more than three hours answering questions from members of the House Committee on Homeland Security in Washington, assuring them cybersecurity is being woven more deeply into the technology company's culture.
"Microsoft accepts responsibility for each and every one of the issues cited" in a scathing US government report about the breach "without equivocation or hesitation," Smith told the committee.
The Cyber Safety Review Board (CSRB), led by the US Department of Homeland Security, conducted a seven-month investigation into the incident last year that involved the China-affiliated cyberespionage actor Storm-0558.
"Microsoft has an enormous footprint in both government and critical infrastructure networks," US congressman and committee member Bennie Thompson said to Smith as the hearing opened.
"It is our shared interest that the security issues raised by the (report) be addressed quickly."
The operation, which was first discovered by the US State Department in June 2023, included hacks on the official and personal mailboxes of Commerce Secretary Gina Raimondo and US Ambassador to China Nicholas Burns.
Microsoft's core business is to provide cloud computing services, such as Azure or Office360, that host sensitive data and power business and government operations across major sectors of the economy.
The report criticized a Microsoft corporate culture that was "at odds with... the level of trust customers place in the company."
The review identified a series of operational and strategic decisions by Microsoft that opened the door to the breach, including the failure to identify a new employee's compromised laptop following a corporate acquisition in 2021.
It also found that Microsoft fell short of safety standards seen at competing cloud companies, including Google, Amazon and Oracle.
"The Board finds that this intrusion was preventable and should never have occurred," the review said, pinpointing "the cascade of Microsoft's avoidable errors that allowed this intrusion to succeed."
- 'Lasting change' -
The report also recommended that Microsoft develop and publicly release a plan with timelines to enact wide-ranging security reforms across its products and practices.
"The real challenge is how you achieve effective lasting cultural change," Smith said, noting Microsoft has nearly 226,000 employees.
Smith said Microsoft has the equivalent of 34,000 engineers working full time on answering the security shortcomings in "the largest engineering project focused on cybersecurity in the history of digital technology."
Microsoft's board on Wednesday approved a change that will tie cybersecurity accomplishments with annual bonuses for senior executives and make it part of every employee's annual review, according to Smith.
Microsoft detects some 300 million cyberattacks on its customers daily, with most of those coming from China, Iran, Korea, Russia, or ransomware operations, Smith told the committee.
"We're dealing with four formidable foes in China, Russia, North Korea and Iran, and they are getting better," Smith said.
"We should expect them to work together; they're waging attacks at an extraordinary rate."
While it is inevitable that adversaries will use artificial intelligence for increasingly sophisticated attacks, the technology is already being used to strengthen cyber defenses, Smith added.
B.Godinho--PC