Microsoft Corp. President Brad Smith urged the tech industry to work together to ward off cyberattacks similar to the massive breach of network software firm SolarWinds Corp.'s systems.
In a pre-recorded keynote address at CES 2021, the Consumer Technology Association's annual technology and media conference, Smith said the SolarWinds breach was not a case of one nation trying to hack into the computer network of another, but "a massive indiscriminate global assault on the technology supply chain." He said it is the responsibility of the entire tech industry to protect that supply chain.
"It represented a vector of attack that first distributed roughly 18,000 packages of malware on organizational networks literally around the world," Smith said. "It is a danger that the world cannot afford."
As many as 18,000 of SolarWinds' customers were exposed to a software vulnerability in its Orion products that allowed hackers to breach the systems of U.S. agencies such as the Justice Department and companies including Microsoft. Smith disclosed in a December 2020 blog post that the company identified more than 40 of its customers that were targeted by the hack.
Smith urged the tech industry to use its collective voice to say to every government around the world that this kind of supply chain disruption is not something that any government or company should be allowed to pursue.
"When you look at the issues around SolarWinds and its malware, and how things spread, it's a powerful reminder that threat intelligence data about cyberattacks really exists in so many silos today," Smith said. "It is so clear that the only way to protect the future is to understand the threats of the present, and that requires that we share data in new ways."
|
Microsoft President Brad Smith's virtual keynote at CES 2021Smith suggested that there are lessons to be pulled from real-world attacks, such as 9/11, which exposed that insufficient data and threat information was shared across the U.S. government. The culture must move away from a need-to-know basis so people feel a need to share information that could prevent attacks while maintaining their personal privacy.
"If the last month and the perspective from history teaches us anything, it's this: the best time to have a 9/11 commission is before the next 9/11," Smith said.
Following his comments on cybersecurity, Smith's keynote also touched on potential dangers that artificial intelligence could pose as it continues to evolve. He cited facial recognition as an example, noting that while the technology has made it convenient to carry out tasks such as unlocking phones, it also raises serious concerns when it comes to the protection of people's fundamental rights.
"As we think about AI and the promise of AI in so many ways, we have to think as well about the new guardrails we need to create so that humanity remains in control of our technology," Smith said.
In 2020, amid a broader national conversation around police reform, large technology companies announced plans to scale back or pause the sale of facial recognition technology to police departments. Microsoft said it would not sell its facial recognition technology to police departments until a federal law is in place to regulate it.
Smith also cautioned that machine learning, which is increasingly being used by companies and organizations across the globe to simplify and broaden a wide range of tasks, can increase the risk of bias and discrimination in a whole variety of different commercial settings.
Just like cybersecurity, the industry needs to come together to address these challenges to ensure that technology does not outpace "our ability to exercise control," Smith concluded.
Other coverage from CES 2021:
CES 2021: 5G adoption showing 'no sign of slowdown' amid pandemic
CES 2021: Film distribution strategy 'a work in progress,' WarnerMedia exec says
CES 2021: Experts weigh in on the importance of diversity in building AI
CES 2021: TV makers turn to 8K, super-sized panels
CES 2021: Samsung unveils new AI-enabled smart home products
CES 2021: Survey predicts consumer tech spending will spike to $461B in 2021
CES 2021: GM says auto sector at 'inflection point' toward zero-emission future
CES 2021: Tech execs see state, global initiatives driving US privacy law
CES 2021: Consumers at the wheel for future of streaming
CES 2021: Best Buy stores will play 'massive role' in fulfillment, CEO says