A US cybersecurity advisory panel will investigate risks in cloud computing that will also include Microsoft’s role in the recent breach of government department email systems by suspected Chinese hackers, Bloomberg News reported on Thursday.
The Cyber Safety Review Board (CSRB) will focus on risks to cloud computing infrastructure, including identity and authentication management, and will look at all relevant cloud service providers, the report said, citing people familiar with the matter.
The report comes after Oregon Senator Ron Wyden in July asked the Federal Trade Commission, the Cybersecurity and Infrastructure Security Agency (CISA), and the Justice Department to “take action” against Microsoft following the hack.
Microsoft has been under increasing scrutiny following revelations that hackers allegedly operating on Beijing’s behalf got hold of one of its cryptographic keys and took advantage of a coding flaw to win sweeping access to the company’s cloud email platform.
That access was used to spy on the communications of US Commerce Secretary Gina Raimondo and senior State Department diplomats.
The US House of Representatives Oversight Committee last week said it was opening an investigation into China’s suspected involvement in recent breaches of Commerce and State Department email systems.
Microsoft and CISA did not immediately respond to requests for comment.
© Thomson Reuters 2023