In a scathing indictment of Microsoft corporate security and transparency, a Biden administration-appointed review board issued a report Tuesday saying “a cascade of errors” by the tech giant let state-backed Chinese cyber operators break into email accounts of senior U.S. officials including Commerce Secretary Gina Raimondo.

The Cyber Safety Review Board, created in 2021 by executive order, describes shoddy cybersecurity practices, a lax corporate culture and a lack of sincerity about the company’s knowledge of the targeted breach, which affected multiple U.S. agencies that deal with China.

It concluded that “Microsoft’s security culture was inadequate and requires an overhaul” given the company’s ubiquity and critical role in the global technology ecosystem. Microsoft products “underpin essential services that support national security, the foundations of our economy, and public health and safety.”

  • @AnUnusualRelic
    link
    28 months ago

    Lol at US officials using ms mail. Who comes up with those ideas?

    I’m not sure other countries are much brighter in that regard though.

    • Optional
      link
      18 months ago

      Business people who don’t understand computers. They still run everything and still make these bad decisions. It’s still crazy.

      • @elshandra
        link
        1
        edit-2
        8 months ago

        If only it were that easy, we’re talking about govt departments here. It’s because they’ve either been brainwashed into it, or the executive profiting from this somehow.

        There’s a lot of stupid rules about what you should and shouldn’t use in gov, and some of the barriers to the should list are very expensive. It’s frustrating as hell to know there’s a great tool for a job, but not being able to use it because they haven’t got some accreditation.

        e: clarified individual profit, before it read like the department profits.