Father
Professional
- Messages
- 2,602
- Reaction score
- 831
- Points
- 113
The government's monopoly on IT systems has raised many questions about security.
Former White House Senior Director of Cyber Policy AJ Grotto expressed concern about Microsoft's significant control over IT technologies in the US government, calling it a national security issue.
In an interview with The Register, Grotto stressed that even minor concessions from Microsoft are achieved with great difficulty. Grotto recalled the SolarWinds scandal, pointing out that Microsoft offered advanced logging capabilities to federal agencies as a paid option, rather than by default, which made it very difficult to identify a threat after a security breach. According to Grotto, the company has had a hard time agreeing to provide such capabilities by default, despite significant revenues from its security solutions, amounting to about $20 billion in 2023.
An additional concern is the hacking of Microsoft Exchange by Chinese spies Storm-0558, which allowed access to the email of American politicians. Grotto claims that Microsoft's dominance in productivity software (85% of the company's share) and operating systems threatens national security.
In solving the problem, Grotto sees the need to step up competition and strengthen public control over Microsoft's actions. Experts believe that only market incentives can force a corporation to change its behavior, especially if customers start looking for alternatives in response to public revelations of its mistakes.
Recall that in March, the German authorities expressed serious concern about the threat of large-scale cyber attacks, which affect about 17,000 (about 37%) of all Microsoft Exchange servers in the country. The government has warned of a "massive disruption to regular operations" in the IT sector, describing the situation as"critical for business". The main reason for the alarm was the "catastrophic" security situation with the use of Microsoft Exchange, a key communication tool for many German companies.
Also in early April, the CISA agency uncovered serious flaws in Microsoft's cybersecurity, which led to a large-scale Exchange data leak committed by the Storm-0558 group.
Former White House Senior Director of Cyber Policy AJ Grotto expressed concern about Microsoft's significant control over IT technologies in the US government, calling it a national security issue.
In an interview with The Register, Grotto stressed that even minor concessions from Microsoft are achieved with great difficulty. Grotto recalled the SolarWinds scandal, pointing out that Microsoft offered advanced logging capabilities to federal agencies as a paid option, rather than by default, which made it very difficult to identify a threat after a security breach. According to Grotto, the company has had a hard time agreeing to provide such capabilities by default, despite significant revenues from its security solutions, amounting to about $20 billion in 2023.
An additional concern is the hacking of Microsoft Exchange by Chinese spies Storm-0558, which allowed access to the email of American politicians. Grotto claims that Microsoft's dominance in productivity software (85% of the company's share) and operating systems threatens national security.
In solving the problem, Grotto sees the need to step up competition and strengthen public control over Microsoft's actions. Experts believe that only market incentives can force a corporation to change its behavior, especially if customers start looking for alternatives in response to public revelations of its mistakes.
Recall that in March, the German authorities expressed serious concern about the threat of large-scale cyber attacks, which affect about 17,000 (about 37%) of all Microsoft Exchange servers in the country. The government has warned of a "massive disruption to regular operations" in the IT sector, describing the situation as"critical for business". The main reason for the alarm was the "catastrophic" security situation with the use of Microsoft Exchange, a key communication tool for many German companies.
Also in early April, the CISA agency uncovered serious flaws in Microsoft's cybersecurity, which led to a large-scale Exchange data leak committed by the Storm-0558 group.
