Google’s been lobbying for more scrutiny into Microsoft’s liability for SolarWinds hack

Reading time icon 3 min. read

Readers help support Windows Report. We may get a commission if you buy through our links. Tooltip Icon

Read our disclosure page to find out how can you help Windows Report sustain the editorial team Read more

Over the past couple of years, Microsoft has attempted to put the screws to Google through public statements and private lobbying while the company fends off several antitrust cases globally.

Fortunately, for Google, the time has come to enact a bit of political retribution as Microsoft has come under recent fire for its involvement in the unprecedented SolarWinds hack.

According to a report from Politico, Google has been whispering in the ear of Senate Intelligence Committee members to poke and prod Microsoft’s defense of its products amid the many failure points a nation-state exploited in its hack of hundreds of businesses who relied on various services from the company.

The Politico report highlights the circumstances that led to some questions asked during Tuesday’s public congressional inquiry regarding the SolarWinds hack.

On Monday, Google offered up a list to lawmakers of more than a dozen questions that one Senate aide said were aimed at scrutinizing the security of Microsoft products, such as Windows 10, Azure and Office 365. The aide spoke on the condition of anonymity in order to discuss the matter freely.

It’s unclear if every lawmaker on the 16-member panel received the list of queries from Google.

The aide said some, but not all, of the questions are intended for Smith, who will appear before the committee Tuesday afternoon alongside executives from SolarWinds and the cybersecurity firms FireEye and CrowdStrike. The latter two companies have been at the forefront of uncovering the breadth and scope of the likely Russian espionage operation that officials believe specifically targeted nine federal agencies and roughly 100 companies.

A second Senate aide who also spoke on the condition of anonymity described Google’s questions as “bad” and that committee members had been told to be wary of them.

Google’s political joust is as expected when it and Microsoft have held a historic rivalry in various sectors, especially in enterprise productivity software where security blemish of this nature for Microsoft could result in greater adoption of Google’s alternative.

Since its discovery two months ago, Microsoft has been on the defense regarding what extent its Microsoft 365 and Outlook services were at fault for the proliferation of the breach. Yesterday, Microsoft reaffirmed its recent position that while Outlook helped spread the phishing scheme through exploited source code, none of its services were actually breached and offered up user data.

Going forward Microsoft is calling on its partners and customers to be more proactive in its cybersecurity protocols. Prior to yesterday’s hearings, Microsoft has already deployed updates to Windows Defender, moved to sinkhole, and applied digital certificates to trustworthy files.