Microsoft Downplays CSIS Report
- By Scott Bekker
A recent report issued by the Center
for Strategic and International Studies (CSIS)
warns that the hacker who
’s network in
October could pose a threat to national security.
The report, entitled, “Cyber Threats and Information
Security: Meeting the 21st Century Challenge,” says the government
should be concerned because most military and government systems are powered by
Microsoft has admitted in the past that the hacker did penetrate
its network, but denied that the hacker gained access to its source code for
some if its future products. Despite Microsoft’s denial, the CSIS report says
the government, as well as the private sector, should be concerned about future
When contacted about the report, Microsoft issued a
statement in response to CSIS’ report on the break-in and the consequences.
“The CSIS quote sensationalizes the incident and misstates
the fact in a number of important ways,” a Microsoft spokesman said. “Most
important, Microsoft has repeatedly stated that after tracking intruders and
investigating their activities, there is no evidence and no basis to believe
that they had any access at all to Windows or Office Source code. That is, we have
no reason to believe that the intruders were able to see Windows or Office
source code, much less modify it. Microsoft’s current and future products
remain intact and secure, and customers can use them with confidence.
A report by Giga
Information Group, entitled "The Microsoft Hack Reveals Security
Strength, Not Weakness," seemed to back up Microsoft’s claims. In the
report Steven Hun states, "Microsoft's technical and procedural security
measures following the hack were appropriate and successful, and most qualify
as best practices." – Jim Martin
Scott Bekker is editor in chief of Redmond Channel Partner magazine.