15 min listen
Whistleblower says Microsoft was warned ahead of SolarWinds hack
FromSoundside
ratings:
Length:
14 minutes
Released:
Jun 17, 2024
Format:
Podcast episode
Description
Microsoft continues to face tough questions about its security protocols and commitment to safety after a whistleblower says he warned the company about a serious vulnerability involving third party software years ahead of it being exploited in the infamous SolarWinds attack.
Experts believe that it was in September of 2019 that Russian hackers gained access to SolarWinds - a network infrastructure monitoring software relied on by hundreds of thousands of computer systems across the country.
By inserting malware in a SolarWinds update, hackers got a backdoor to those systems, including Microsoft and its customers: the largest of which is the U.S. government. They gained access to sensitive federal agencies, like the departments of Energy and Treasury.
When the hack was discovered 14 months later – it brought home the threat of cyber warfare and the ability of malicious foreign actors to find tiny weaknesses in computer code to cause major damage.
Now, new reporting by ProPublica sheds light on what Microsoft knew about the SolarWinds vulnerability before the attack – and the extent of the hackers’ access. including breaching the agency that maintains America’s nuclear weapons stockpile.
Guests:
Renee Dudley, a tech reporter at ProPublica
Related Links:
ProPublica: https://www.propublica.org/article/microsoft-solarwinds-golden-saml-data-breach-russian-hackers
ProPublica: https://www.propublica.org/article/microsoft-solarwinds-cybersecurity-house-homeland-security-hearing
See omnystudio.com/listener for privacy information.
Experts believe that it was in September of 2019 that Russian hackers gained access to SolarWinds - a network infrastructure monitoring software relied on by hundreds of thousands of computer systems across the country.
By inserting malware in a SolarWinds update, hackers got a backdoor to those systems, including Microsoft and its customers: the largest of which is the U.S. government. They gained access to sensitive federal agencies, like the departments of Energy and Treasury.
When the hack was discovered 14 months later – it brought home the threat of cyber warfare and the ability of malicious foreign actors to find tiny weaknesses in computer code to cause major damage.
Now, new reporting by ProPublica sheds light on what Microsoft knew about the SolarWinds vulnerability before the attack – and the extent of the hackers’ access. including breaching the agency that maintains America’s nuclear weapons stockpile.
Guests:
Renee Dudley, a tech reporter at ProPublica
Related Links:
ProPublica: https://www.propublica.org/article/microsoft-solarwinds-golden-saml-data-breach-russian-hackers
ProPublica: https://www.propublica.org/article/microsoft-solarwinds-cybersecurity-house-homeland-security-hearing
See omnystudio.com/listener for privacy information.
Released:
Jun 17, 2024
Format:
Podcast episode
Titles in the series (100)
"It helps us to reflect on what freedom means": how members of the local Jewish are considering Passover this year: "It helps us to reflect on what freedom means": how members of the local Jewish are considering Passover this year by Soundside