- 7-Eleven owner confirms new takeover offer from Couche-Tard
- Goodbye Tito? Tomb at risk as Serbs argue over Yugoslav legacy
- Restoration experts piece together silent Sherlock Holmes mystery
- Sinner avoids Shanghai deja vu with assured Shelton win
- Pyongyang to 'permanently' shut border with South Korea
- Trumpet star Marsalis says jazz creates 'balance' in divided world
- No children left on Greece's famed but emptying island
- Nepali becomes youngest to climb world's 8,000m peaks
- Climate change made deadly Hurricane Helene more intense: study
- A US climate scientist sees hurricane Helene's devastation firsthand
- Padres edge Dodgers, Mets on the brink
- Can carbon credits help close coal plants?
- With EU funding, Tunisian farmer revives parched village
- Sega ninja game 'Shinobi' gets movie treatment
- Boeing suspends negotiations with striking workers
- 7-Eleven owner's shares spike on report of new buyout offer
- Your 'local everything': what 7-Eleven buyout battle means for Japan
- Three million UK children living below poverty line: study
- China's Jia brings film spanning love, change over decades to Busan
- Paying out disaster relief before climate catastrophe strikes
- Chinese shares drop on stimulus upset, Asia tracks Wall St higher
- SE Asian summit seeks progress on Myanmar civil war
- How climate funds helped Peru's women beekeepers stay afloat
- Nobel Peace Prize to be awarded as wars rage
- Pacific island nations swamped by global drug trade
- AI-aided research, new materials eyed for Nobel Chemistry Prize
- Mozambique elects new president in tense vote
- The US economy is solid: Why are voters gloomy?
- Balkan summit to rally support for struggling Ukraine
- New stadium gives Real Madrid a headache
- Alonso, Manaea shine as 'Miracle Mets' blitz Phillies
- Harris, Trump trade blows in US election media blitz
- Harry's Bar in Paris drinks to US straw-poll centenary
- Osama bin Laden's son Omar banned from returning to France
- Afghan man arrested for plotting US election day attack
- Brazil lifts ban on Musk's X, ending standoff over disinformation
- Harris holds slight edge nationally over Trump: poll
- Chelsea edge Real Madrid in Women's Champions League, Lyon win
- Japan PM to dissolve parliament for 'honeymoon' snap election
- 'Diego Lives': Immersive Maradona exhibit hits Barcelona
- Brazil Supreme Court lifts ban on Musk's X
- Scientists sound AI alarm after winning physics Nobel
- Six-year-old girl among missing after Brazil landslide
- Nobel-winning physicist 'unnerved' by AI technology he helped create
- Mexico president rules out new 'war on drugs'
- Israeli defense minister postpones trip to Washington: Pentagon
- Europe skipper Donald in talks with Garcia over Ryder return
- Kenya MPs vote to impeach deputy president in historic move
- Former US coach Berhalter named Chicago Fire head coach
- New York Jets fire head coach Saleh: team
Microsoft faces heat from US Congress over cybersecurity
Members of US Congress on Thursday pressed Microsoft to explain a "cascade of avoidable errors" that allowed a Chinese hacking group to breach emails of senior US officials.
Microsoft President Brad Smith spent more than three hours answering questions from members of the House Committee on Homeland Security in Washington, assuring them cybersecurity is being woven more deeply into the technology company's culture.
"Microsoft accepts responsibility for each and every one of the issues cited" in a scathing US government report about the breach "without equivocation or hesitation," Smith told the committee.
The Cyber Safety Review Board (CSRB), led by the US Department of Homeland Security, conducted a seven-month investigation into the incident last year that involved the China-affiliated cyberespionage actor Storm-0558.
"Microsoft has an enormous footprint in both government and critical infrastructure networks," US congressman and committee member Bennie Thompson said to Smith as the hearing opened.
"It is our shared interest that the security issues raised by the (report) be addressed quickly."
The operation, which was first discovered by the US State Department in June 2023, included hacks on the official and personal mailboxes of Commerce Secretary Gina Raimondo and US Ambassador to China Nicholas Burns.
Microsoft's core business is to provide cloud computing services, such as Azure or Office360, that host sensitive data and power business and government operations across major sectors of the economy.
The report criticized a Microsoft corporate culture that was "at odds with... the level of trust customers place in the company."
The review identified a series of operational and strategic decisions by Microsoft that opened the door to the breach, including the failure to identify a new employee's compromised laptop following a corporate acquisition in 2021.
It also found that Microsoft fell short of safety standards seen at competing cloud companies, including Google, Amazon and Oracle.
"The Board finds that this intrusion was preventable and should never have occurred," the review said, pinpointing "the cascade of Microsoft's avoidable errors that allowed this intrusion to succeed."
- 'Lasting change' -
The report also recommended that Microsoft develop and publicly release a plan with timelines to enact wide-ranging security reforms across its products and practices.
"The real challenge is how you achieve effective lasting cultural change," Smith said, noting Microsoft has nearly 226,000 employees.
Smith said Microsoft has the equivalent of 34,000 engineers working full time on answering the security shortcomings in "the largest engineering project focused on cybersecurity in the history of digital technology."
Microsoft's board on Wednesday approved a change that will tie cybersecurity accomplishments with annual bonuses for senior executives and make it part of every employee's annual review, according to Smith.
Microsoft detects some 300 million cyberattacks on its customers daily, with most of those coming from China, Iran, Korea, Russia, or ransomware operations, Smith told the committee.
"We're dealing with four formidable foes in China, Russia, North Korea and Iran, and they are getting better," Smith said.
"We should expect them to work together; they're waging attacks at an extraordinary rate."
While it is inevitable that adversaries will use artificial intelligence for increasingly sophisticated attacks, the technology is already being used to strengthen cyber defenses, Smith added.
Y.Aukaiv--AMWN