Microsoft, SolarWinds, 1000 Malevolent Engineers, and Too Big to Fail?

April 19, 2021

SolarWinds Hacking Campaign Puts Microsoft in Hot Seat” is an interesting “real news” story. The write up states that the breach was a two stage operation. The first stage was using SolarWinds to distribute malware. The second stage was to use that malware as a chin up bar. Bad actors’ grabbed the bar and did 20 or more pull ups. The result was marketing talk and a mini-meme about 1,000 engineers concentrating their expertise on penetrating the Microsoft datasphere.

The article quoted a cyber security expert as describing Microsoft’s systems and methods as have “systematic weaknesses.” For a company whose software is a “monoculture” with an 85 percent market share, the phrase “systematic weaknesses” is not reassuring. Not only can Microsoft release updates which kill some users’ ability to print, Microsoft can release security systems which don’t secure the software.

The article include this statement:

And remember, many security professionals note, Microsoft was itself compromised by the SolarWinds intruders, who got access to some of its source code — its crown jewels. Microsoft’s full suite of security products — and some of the industry’s most skilled cyber-defense practitioners — had failed to detect the ghost in the network. It was alerted to its own breach by FireEye, the cybersecurity firm that first detected the hacking campaign in mid-December.

I noted that the write up does not point out that none of the cyber security firms’ breach detection solutions noted the SolarWinds’ misstep. That seems important to me, but obviously not to the “real” cyber security professionals.

The US government does not want Microsoft to fail. “NSA and FBI Move to Help Microsoft with Its Exchange Server Vulnerabilities” reports:

It is not just the NSA finding and telling Microsoft about problems with Exchange. The FBI is also concerned with the number of unpatched Exchange servers. In a rare move, the FBI sought and was granted a warrant to patch any unfixed exchange servers it found remotely.

If a Windows update creates a problem for you, perhaps a helpful professional affiliated with a government agency will assist in resolving your problem?

Stephen E Arnold, April 19, 2021

Comments

Got something to say?





  • Archives

  • Recent Posts

  • Meta