FTC urged to probe Microsoft over ransomware attacks

U.S. Senator Ron Wyden has urged the Federal Trade Commission (FTC) to investigate Microsoft for what he describes as “gross cybersecurity negligence,” as he linked the company’s practices to a series of ransomware attacks on critical infrastructure, including healthcare organizations. In a letter to FTC Chairman Andrew Ferguson, Wyden likened Microsoft to “an arsonist selling firefighting services to their victims,” highlighting the risks posed by default configurations in Windows that have facilitated these cyber incidents. A notable example cited was the May 2024 attack on Ascension, a hospital operator, which compromised the data of nearly 5.6m individuals. Wyden asserts that Microsoft’s outdated security measures contributed to the breach.