FIRST AIRED: October 17, 2017

Nice work! Enjoy the show!

×

You’re busy. We get it.

Stay on top of the news with our Editor’s Picks newsletter.

US Edition
Intl. Edition
Unsubscribe at any time. One click, it’s gone.

Thanks for signing up!

×

Transcript

00:00:01
>> What would Microsoft do if its top secret database keeping tracks of bugs in its software was broken into? Such bugs vulnerabilities in software are coveted by spies and hackers who use them to create hacking tools. Well, it turns out they were hacked and they hid this breach for four years, and even set up a small team of security engineers to deal with it.
00:00:23
That's according to five former employees interviewed by Reuters cybersecurity reporter Joseph Men, who broke the story.>> So one of the reasons that Microsoft kept this quite, quiet is that it would be pretty embarrassing for a company to loose Control over something that basically can be weaponized, it's like an arsenal, ways to attack computers varies, piece of Microsoft software which is used all over the planet.
00:00:45
The sources that I spoke to said that the security was really insufficient for this bug database. People are able to access it with little more than passwords.>> Microsoft test since past the security laws and an internal review concluded that the stolen bugs weren't used any hacking campaigns.
00:01:03
Although three form employee of security team says that really hurt to establish as many hack go unreported. Microsoft decent to discuss the incident saying only quotes. Our security teams actively monitor cyber threats to help us prioritize, and take appropriate action to keep customers protected. But keeping the breach a secret meant Microsoft customers didn't know there was a problem.
00:01:25
So couldn't defend their systems with temporary measures, while Microsoft developed fixes or patches for the problems.>> It's a bit ironic now. Because only recently, when the NSA lost control of even larger cache of digital weapons. Microsoft's Brad Smith, the current president, was one of the most aggressive in faulting the NSA for losing control of that bug database.
00:01:49
And he said that Microsoft and other companies should have been warned much earlier.>> While Microsoft has since beefed up security on its bug database, former employees say, there was little organized discussion over the breech, it's consequences and lessons to be learned. In part from fear that word would leak and embarrass the company.