The massive SolarWinds cyberattack was a cybersecurity wakeup call, but one that appears to have been heeded in the months since by both the US government and the tech and business world, Microsoft President Brad Smith said Wednesday.
Smith called the hack of the IT software provider a “galvanizing moment,” because it brought to light the sophistication of Russian government’s cyberespionage operations, as well the interconnected nature of the software supply chain that it disrupted.
“I think we’re moving in the right direction,” Smith said during an interview at the WSJ Tech Live conference. He noted that there are several “strong people” focused on cybersecurity working in the White House, as well as legislation moving through Congress that would help prevent future attacks.
At the same time, he says, companies like Microsoft are cooperating with government in hopes of achieving the same goals.
The SolarWinds attack, which US intelligence agencies say likely originated in Russia, penetrated systems at IT software provider SolarWinds and inserted malicious software into an update to the company’s popular Orion products. Thousands of SolarWinds customers installed the tainted update, and hackers were then able to access their systems. Federal agencies, major tech companies and hospitals were among the organizations targeted by the hackers. The Russian government has denied involvement in the attack.
Today’s cyberthreats are “more complicated and more challenging” than ever before, Smith said. He pointed to the growing threat of ransomware from criminal organizations that operate in countries where governments choose to look the other way, while at the same time the country faces nation-state cyberattacks that are akin to acts of war.
Meanwhile, there’s been an “extraordinary leap” in disinformation coming from the same foreign governments involved in the ransomware and nation-state cyberattacks, he said.
Part of the solution, Smith says, lies in both government and businesses investing more in cybersecurity. And that includes growing a larger workforce that can fill the hundreds of thousands of vacant cybersecurity jobs in the US.
He noted that many ransomware attacks can be prevented, or at least substantially mitigated, if basic cybersecurity practices like patching software and keeping systems up to date are followed. But that’s tough to do if companies don’t have the cybersecurity workforce they need.
