Microsoft President to Congress: ‘We Accept Responsibility’ for Cybersecurity Failures
anubi writes:
It looks like Chinese routers aren't the only things that come loaded with bonus software...
NBC news reports:
Microsoft's president told Congress on Thursday his company accepted responsibility for major security failures that let China-linked hackers penetrate federal government computer networks, but defended his company's presence in China.
Brad Smith struck a humble tone in his testimony before the House Homeland Security Committee and promised that the giant tech firm would fix security gaps in its products, which are widely used across federal agencies.
----------------------------------------------------
Somehow, I think it's so ironic that my own government is such a fan of security, yet, by enforced ignorance, the very things that they implement give only the illusion of security. No one knows if there's a backdoor or not, and who can verify?
Gone are the days just a homebrew CRC16 digester, knowledge of exact file length, and a list of files to check, would tell me with almost absolute certainty if my system files had been monkeyed with. If so, which ones? And what did they do? ( File compare... FC.EXE to known good backup copies of the critical files stored on another floppy )
"We acknowledge that we can and must do better"An Anonymous Coward writes:
https://edition.cnn.com/2024/06/13/tech/microsoft-president-congress-cybersecurity-failures/
Microsoft "accepts responsibility for each and every one" of the issues cited in a scathing US government-backed report on the tech giant's cybersecurity failings, Microsoft President Brad Smith will tell US lawmakers Thursday, according to his prepared testimony.
"We acknowledge that we can and must do better, and we apologize and express our deepest regrets to those who have been impacted," reads Smith's testimony to the House Homeland Security Committee. He is set to testify before the panel Thursday afternoon in a hearing the committee says will assess the impact of Microsoft's "cybersecurity shortfalls" on homeland security.
Microsoft has been at the center of two sweeping hacking campaigns in the last year allegedly carried out by Chinese and Russian spies.
A report issued in April by the US Cyber Safety Review Board found that Microsoft committed a "cascade" of "avoidable errors" that allowed Chinese hackers to breach the tech giant's network and later the email accounts of senior US officials last year, including the secretary of commerce. The board is comprised of government and private cybersecurity experts led by the Department of Homeland Security.
Smith says Microsoft has for months been overhauling its cybersecurity practices, in part by implementing recommendations from the US government-backed board.
Read more of this story at SoylentNews.