Microsoft: Yeah, about Those Distributed Systems and the Wonderful Exchange Systems

March 8, 2021

I found the information about the most recently disclosed Microsoft Exchange breaches troubling. The “1,000 bad actors” comment from the Softies seemed to say:

Hey, how can a company like Microsoft defend itself against 1,000 programmers focused on undermining our approach to building, deploying, and servicing our software?

Yep, 1,000 bad actors were allegedly needed to create the issues associated with SolarWinds and the assorted silly names attached to malware available via certain “dark” channels?

How many bad actors does it take to create issues for, what is it, 20,000 or more organizations? One news service based in India did its level best to maintain an even tone in “Over 20,000 U.S. Organizations Compromised through Microsoft Flaw.” See the number? 20,000. Maybe India does not buy into a larger number; for example, Krebs on Security states: “At Least 30,000 U.S. Organizations Newly Hacked Via Holes in Microsoft’s Email Software.”

Just a delta of 10,000? Hey, no big deal.

Now who pulled off this hack in the midst of the SolarWinds misstep? China. The country is larger than Russia, which managed an estimated 18,000 compromised systems.

Okay, it is time to face up to reality:

  1. The oh-so-nifty distributed systems that rely on libraries which may or may not be secure are a big, fat sitting duck.
  2. There is no quick fix. Microsoft’s rush-rush patches don’t seem to be working, if the sources I have reviewed are on the money.
  3. Microsoft’s method of shoving software to licensees creates problems; for example, check out KIR, a tool that undoes updates which kill or impair licensees’ systems.

Who spotted the breach? Microsoft Defender, the Azure security system, Microsoft’s own security teams? Nope, allegedly an outfit called Volexity.

Exactly what was being monitored by the hundreds of super duper security sleuths who sell threat intelligence, AI-infused cyber security systems, and special entities which perform checks on crucial systems?

Pretty much checking out YouTube, sending text messages about pizza, and posting to Twitter about the perils of Facebook and Google.

The scale of the Exchange misstep is interesting.

What happens if one of the groups undermining the computer systems of the US decides to terminate the systems for finance, travel, and mobile communications?

Here’s my answer: Find a donkey and a cart. Life will change quickly, and no quick patch for deeply flawed Microsoft technical processes will arrive to make everything better again.

Microsoft’s methods are the problem. And what about the 1,000 programmers? That’s Microsoft-speak for flaws that a small group of focused bad actors can exploit. The only coding that takes 1,000 people is Microsoft’s Teams unit. Those folks are adding features while core functions are stripped bare, exploited, and turned into weapons.

It will be interesting to learn what Microsoft apologists involved in the JEDI program say about this misstep.

Keep in mind: no one knows exactly how many systems have been and remain compromised by the SolarWinds and the most recently revealed Exchange fumbles.

What will Brad Smith say? I can hardly wait, assuming that my systems are not zapped by bad actors who are surfing on shoddy solutions.

Stephen E Arnold, March 8, 2021
