Microsoft president Brad Smith criticized Amazon and Google’s public response to the hack of SolarWinds computer network management software that compromised federal and corporate networks.
Mr. Smith testified about Microsoft’s knowledge regarding the hack roiling federal networks at a series of congressional hearings this week including before the Senate Select Committee on Intelligence on Tuesday and a joint hearing of the House Committees on Oversight and Reform and Homeland Security on Friday.
“Earlier this week, you told the Senate Intelligence Committee that it took courage for FireEye and SolarWinds to reveal this hack to authorities. What did you mean by that?” said Rep. Katie Porter, California Democrat, to Mr. Smith.
“What I mean is, you have three companies here today because we have chosen to share information,” replied Mr. Smith at Friday’s hearing. “At Microsoft, we have published 32 blogs about what we observed and what we have seen. If I take my colleagues at Google and Amazon and put them together, they have published one blog. They didn’t get an invitation here as a result.”
Likely Russian hackers leveraged SolarWinds computer network management software to compromise nine federal agencies, according to the U.S. government, but 18,000 public and private sector entities were exposed to hackers as well and could have been victimized.
The Senate Intelligence Committee invited Amazon to appear at its hearing earlier this week but they refused and received bipartisan condemnation for their failure to appear.
“As the chairman mentioned, we had extended an invitation to Amazon to participate. The operation we’ll be discussing today used their infrastructure, at least in part, required it to be successful,” said Sen. Marco Rubio, Florida Republican, at Tuesday’s hearing. “Apparently, they were too busy to discuss that here with us today and I hope they’ll reconsider that in the future.”
After Tuesday’s hearing, an Amazon Web Services spokesperson told The Washington Times it was not affected by the SolarWinds breach and shared what it had learned with law enforcement.
“AWS is not affected by the SolarWinds issue, and we do not use their software,” an AWS spokesperson said in a statement on Wednesday. “When we learned of this event, we immediately investigated, ensured we weren’t affected, and shared what we learned with law enforcement. We’ve also provided detailed briefings to government officials, including Members of Congress.”
Google did not immediately respond to a request for comment.
• Ryan Lovelace can be reached at rlovelace@washingtontimes.com.
Please read our comment policy before commenting.