What do you think? Leave a respectful comment.

U.S. cyberattack ‘a serious, ongoing problem,’ Microsoft cautions

The U.S. cybersecurity team is still trying to determine exactly who is responsible for a major cyberattack in the U.S., with many signs pointing to the Russian government. Microsoft, which has built the systems for a majority of computers in the U.S., said they too have found malicious software on its systems. William Brangham spoke with Brad Smith, president of Microsoft, to learn more.

Read the Full Transcript

  • Judy Woodruff:

    The reverberations continue about this large-scale computer hacking operation that infiltrated the networks of several government agencies and thousands of private companies.

    William Brangham talks with the head of one of the nation's top tech firms about this crisis.

  • William Brangham:

    That's right, Judy.

    The U.S.' cybersecurity team is still trying to find out precisely who is responsible for this attack. Varied reports have pointed the finger at the Russian government.

    The company Microsoft, which has built the systems for the majority of computers in the United States, said that it too found malicious software on its systems.

    In an open letter on their Web site, Brad Smith, the company's president, called this attack a reckoning. And he wrote — quote — "It represents an act of recklessness that created a serious technological vulnerability for the United States and the world."

    And Brad Smith joins me now.

    Welcome to the "NewsHour," Mr. Smith. Great to have you here.

    You said that this attack should trigger a reckoning. A reckoning by whom and about what?

  • Brad Smith:

    Well, I think it's a reckoning for all of us.

    It's certainly a reckoning not just those of us in the tech sector, who have a critical ongoing role to play, but for everybody in the federal government as well.

    What we're seeing here is an attack that really disrupted the entire technology supply chain by planting malware in some network management software from another company that found its way onto the computers of probably 18,000 enterprises around the world.

    In effect, it unlocked the door. And then we have seen what is probably an intelligence agency go through that door, and then further exploit the systems, extract information from we have already identified more than 40 customers, including multiple parts of the United States government.

    So, it put at risk our economy, and then it put at risk and in jeopardy our national security. It shows us that we need to do more and really work together differently to better protect the nation's defenses.

  • William Brangham:

    I know your firm is doing a good deal of detective work to get to the bottom of this.

    Is there any evidence that vulnerabilities on your own systems contributed to this or were — in ways made this tech more likely to occur?

  • Brad Smith:

    No, we found no evidence that there were any vulnerabilities in Microsoft products or services or that our products or services have been impacted in any way or used as the attack vector, so to speak.

    But we do have more than 500 security engineers at Microsoft working this week to sift through data, take the telemetry that we get back from our customers, identify who has been compromised, and then, most importantly, work with them to put their security back in place.

  • William Brangham:

    In that open letter that you posted on your site, you said that one of the things we need to do more broadly is to tighten the international constraints on nation-states that might be perpetrating attacks like this.

    Do you really think that that could be a useful deterrent? I mean, we have been after the Russians, the North Koreans, the Chinese for different types of espionage, cyber-espionage. And it seems to have not necessarily been that effective.

  • Brad Smith:

    Well, I think this is a serious ongoing problem that requires a multifaceted response.

    It actually starts, I think, with better sharing of threat intelligence between the government and the private sector and, frankly, learning the lessons from the 9/11 Commission. We would all be well-served to read that report again, because what it said was that the only way to protect the country from these kinds of foreign threats is to better share intelligence.

    So, that's the first thing we need to do. And then we do need to equip the government with a range of tools, so it can respond appropriately, all the way from public attributions, to sanctions, to, in some cases, stronger deterrent responses.

    That will ultimately be the kind of decision that the president of the United States needs to make. But the more tools that are available, the stronger defense we have, the better the country will be served.

  • William Brangham:

    How much of the responsibility do you believe falls on companies like yours to build ever more robust systems to defend against these types of intrusions?

  • Brad Smith:

    Well, I think, in many ways, we have the first responsibility.

    It is a responsibility that impacts every company in the technology sector. And that's part of what's illustrated here. This was an attack that exploited the software of a network management software company that most people were not familiar with.

    But it shows that we all can do more to work together. And that's a key lesson. Ultimately, it's a shared responsibility with the government as well.

  • William Brangham:

    One of the things you also pointed out in that letter which I don't think people really appreciate is this growing network of private companies that can be hired to outsource cyber-espionage and infiltration.

    How do we address that? Because those private enterprises that make money by doing these types of attacks, they might not respond to diplomatic or economic pressure, the same way a nation might.

  • Brad Smith:

    Well, I think it is a serious additional part of the problem, because the truth is, there are only a few governments in the world that are sophisticated in terms of internal talent to engage in these kinds of attacks.

    But we're suddenly seeing the emergence of these new companies that are a bit like 21st century mercenaries. They're for hire. They will help governments attack others. We should put them out of business, is the short story. If we have strong domestic laws, not just in the United States, but in all of the world's democracies, then these companies are going to have a much more difficult time engaging in this kind of conduct.

    So, this is, I think, ripe for a new diplomatic initiative by the incoming Biden administration with our NATO allies. It is ripe, I think, for additional action by Congress to put this where it should be, which is clearly out of bounds.

  • William Brangham:

    This attack went on for months that we know of. And these attackers were very patient. They were very stealthy.

    And only after many months of them being within all of these different companies' systems did we find out about it. Isn't it possible that there could be other attacks currently going on that we don't know about yet.

  • Brad Smith:

    Well, unfortunately, this attack is ongoing. Unfortunately, this is a very sophisticated actor.

    We should of course assume that this is not the only attack that this particular intelligence agency, in all probability, is interested in pursuing. We should assume that there are other governments that are equally sophisticated. And we should assume that advances in artificial intelligence are going to make these kinds of attacks even more powerful and even more sophisticated than they are today.

    In short, we have our work cut out for us.

  • William Brangham:

    How long do you think it will be until we can really get to the bottom of this, of both disentangling the damage that was done and finding out what might have been taken from all of these companies, but also to figure out whether there are still infiltrations that are going on and whether they're still lurking in these systems?

    I mean, the former White House homeland security adviser said that this could be yours to get this job done.

  • Brad Smith:

    Well, I think that the first part of this, identifying who has been victimized, getting these actors out of their networks, that's probably an exercise that takes weeks and months. That part probably doesn't take years.

    But we do have years of work ahead of us. In some cases, there may be some institutions that will want to fundamentally rebuild the way their networks work because of this. But I think the bigger long-term challenge, frankly, something that's going to last for the rest of our lives, is the need for us as a nation to constantly innovate, because our adversaries are innovating.

  • William Brangham:

    All right, Brad Smith, president of Microsoft, thank you very much for your time.

  • Brad Smith:

    Thank you.

Listen to this Segment