Microsoft Corp
In 2023, China-linked hackers accessed 60,000 U.S. State Department emails, and earlier this year, a Russian group infiltrated the emails of Microsoft's senior staff.
The Cyber Safety Review Board criticized Microsoft for not being transparent about the Chinese hack, which they deemed preventable, Reuters reports.
Lawmakers will review Microsoft's responses to these incidents, focusing on the company's security strategies and response to the board's report.
Smith will discuss how Microsoft plans to bridge security gaps and improve defenses.
Earlier in 2024, the Cyber Safety Review Board (CSRB) of the Cybersecurity and Infrastructure Security Agency reported that lapses in Microsoft's security measures facilitated a 2023 cyberattack, compromising accounts of high-ranking U.S. officials.
The CSRB identified a China-linked group, "Storm-0558," which exploited weaknesses in Microsoft's cloud security and corporate infosec culture.
The report criticized Microsoft's practices for key rotation in securing the Microsoft Services Account (MSA), highlighting the absence of an automatic signing and deactivation process for key rotation.
Recently, cryptocurrency scammers compromised the official Microsoft India X account (formerly known as Twitter) to impersonate Roaring Kitty, the trader alias of Keith Gill.
The scammers used the account to reply to tweets, directing users to a fraudulent website that falsely advertised a presale for GameStop Corp
Price Action: MSFT shares traded lower by 0.22% at $440.07 at the last check on Thursday.
