Microsoft President Brad Smith dishes on the SolarWinds fiasco

If you’re in need of reading material and want an insight into what passes through the minds of those running Microsoft, the company’s president Brad Smith has an updated version of his book “Tools and Weapons: The Promise and the Peril of the Digital Age” making the rounds which, on top of its original content, now offers a look inside how the company viewed the SolarWinds attacks (via GeekWire). These attacks paved the way for a 2021 rich with SolarWinds and Microsoft Exchange server news, most of it negative in nature, relating to vulnerabilities, compromised entities, and general chaos.

“It’s impossible to avoid the grave conclusion that the sharing of cybersecurity threat intelligence today is even more challenged than it was for terrorist threats before 9/11,” Smith writes in his book alongside co-author Carol Ann Browne, linking the struggles of a pre and post 9/11 world to that of the one that allowed for the SolarWinds situation to occur.

Lots of details about Microsoft’s actions in response to the SolarWinds threat are found in the book, including interesting tidbits like how monitoring and managing the situation became the full-time job of over 500 employees at one point in the threat’s lifecycle. Amazon Web Services is also namedropped, being directly linked as one of the services used by attackers for hosting their command-and-control servers.