We have yet more news that Microsoft recently shedding its ethics team to go “full evil” was part of a older and much larger problem from the top.
Former employee says software giant dismissed his warnings about a critical flaw because it feared losing government business. Russian hackers later used the weakness to breach the National Nuclear Security Administration, among others.
In a twist that sounds increasingly common in American tech companies driven by Wall Street, significant known security gaps were intentionally ignored during campaigns to expand potential harm to more victims and then blame them.
Harris’ account, told here for the first time and supported by interviews with former colleagues and associates as well as social media posts, upends the prevailing public understanding of the SolarWinds hack.
From the moment the hack surfaced, Microsoft insisted it was blameless. Microsoft President Brad Smith assured Congress in 2021 that “there was no vulnerability in any Microsoft product or service that was exploited” in SolarWinds.
He also said customers could have done more to protect themselves.
Harris said they were never given the chance.
Blaming customers aged like a fine milk.