Sen. Ron Wyden says Microsoft Corporation failed to fix known issues with its cloud software, which prompted the SolarWinds hack that compromised at least nine federal government agencies.
Wyden, an Oregon Democrat who sits on the Senate Intelligence Committee, said the tech giant should have done more to shore up its defenses, citing the federal government’s close ties with the company.
“The federal government spends billions on Microsoft software,” Wyden told Reuters. “It should be cautious about spending any more before we find out why the company didn’t warn the government about the hacking technique that the Russians used, which Microsoft had known about since at least 2017.”
One of many techniques used in the SolarWinds hack involved a vulnerability first revealed by researchers in 2017, which allows hackers to fake the identity of authorized employees to gain access to customers’ cloud services.
Microsoft claimed the design of its identity services was not at fault for the hack, despite Wyden’s assertions, but acknowledged its programs were not set up to detect the theft of identity tools for granting cloud access.
Multiple federal agencies have blamed Russia for the hack that breached thousands of public and private customers, in addition to the U.S. government. Russia has denied responsibility.
Microsoft President Brad Smith will testify on Friday before the House panel looking into the SolarWinds hacks.
CLICK HERE TO READ MORE FROM THE WASHINGTON EXAMINER
Microsoft did not immediately respond to the Washington Examiner’s request for comment.
