Microsoft President Brad Smith said that the U.S. government seems to have repeated a key mistake before the September 11 attacks in the digital realm.
Smith wrote in the latest update of his book that there are still tightly controlled cyberattack information silos among U.S. government agencies. Tools and Weapons: Hope and Danger in the Digital Age, Originally published two years ago.
Smith and co-author Carol Ann Browne wrote in one of three new chapters: “It is impossible to avoid the serious conclusion that today’s cybersecurity threat intelligence sharing is greater than before 9/11. The threat of terrorism is more challenging.” The paperback edition of the book was released on Monday.
An anecdote illustrates this challenge from Microsoft’s perspective:
“At the end of 2020, we repeatedly found that people from federal agencies asked us for information from other government departments because it was easier to obtain information from us than directly from other federal employees. The contract we signed also prohibits us from letting one part of the government know that another part has been attacked.”
This is a bigger gain from the updated book: In the digital age, we still have a lot to learn-including Microsoft and other large technology companies-and these lessons hit us faster than we thought.
SolarWinds attack: This is most obvious in the consequences of the SolarWinds attack, which is the subject of the new opening chapter of this book.
Smith detailed Microsoft’s response to the attack, which is believed to be initiated by a Russian hacker group, stating that the company had assigned more than 500 employees “to handle all aspects of the attack full-time” in the early days. Microsoft CEO Satya Nadella held a daily meeting with the company’s top security experts.
Microsoft’s own investigation found evidence of malicious code on its own network, but Smith reiterated the company’s past statement that attackers cannot change source code, access customer data or production services, or use Microsoft’s systems to attack others.
Smith explained that the attacker “smartly used US data centers to help cover up the attack,” and hosted command and control servers on GoDaddy and Amazon Web Services, apparently to avoid arousing suspicion by the US National Security Agency. Have the right to scan online activities abroad but not domestic.
He wrote that Microsoft controlled one of the servers from GoDaddy, and the security team was able to activate the kill switch in the malware to limit the attack.
He also emphasized the importance of companies sharing more information on security breaches, which was the focus of the recent White House summit.
Software and cloud: In other cases, Microsoft’s own software is also part of the problem, including a group sponsored by China that used vulnerabilities in the company’s Exchange Server software to conduct attacks.
Looking at the overall picture, one of Smith’s solutions is to migrate more software to the cloud and shift the responsibility for patching from individuals and companies. He admits that this is for the executives of a large cloud technology company. That is not surprising.
“As I admitted to the Senate Intelligence Committee, there is always the danger of the hammer treating everything as a nail,” he wrote. “But from our perspective, these events clearly tell us that for most customers, modernizing their technical infrastructure by migrating to the cloud and relying on the company’s cyber security expertise makes this a core competition. The force part is much better.”
Pence’s misjudgment: Under normal circumstances, a technology company would welcome a US vice president to encourage organizations to use its software for some compelling purposes.
Smith wrote, but when Microsoft executives saw a letter from the then Vice President Mike Pence, they “almost fell off their chairs”, instructing hospitals across the country to use Excel spreadsheets to send every report to the White House. Daily report.
“Not only did it fail to use the correct data analysis tools,” Smith wrote, “but it tried to collect data at the national level, which was easier for counties and states to collect, and finally aggregated across the country.”
Technology in the pandemic: The new chapter focuses on the impact of COVID-19 on global work and life. For example, Smith drew insights from the aftermath of the Second World War to warn against believing the “overactive” predictions of a large number of shifts to virtual work.
He said that reality is somewhere in between.
He wrote: “When we step back and consider technology trends more broadly, it is clear that people will have more lifestyle choices.” “This means that people have the flexibility to choose the best options for online and face-to-face interactions. , To integrate different experiences to meet different needs.”