Google claims US Government is too reliant on unsecure Microsoft products

Shutterstock

Google has referred to as on the US government to rethink its observe of favouring Microsoft technology when procuring technology, accusing the company of having a name for cyber security vulnerabilities and poor consumer notion.

Repeated cyber security breaches on US federal government devices have interrupted critical work and charge the taxpayer billions of dollars, mentioned Google Cloud’s Jeanette Manfra, senior director of Global Risk and Compliance in a blog site post.

✔ Approved Seller From Our Partners

Protect your privacy by Mullvad VPN. Mullvad VPN is one of the famous brands in the security and privacy world. With Mullvad VPN you will not even be asked for your email address. No log policy, no data from you will be saved. Get your license key now from the official distributor of Mullvad with discount: SerialCart® (Limited Offer).

➤ Get Mullvad VPN with 12% Discount

Manfra, who has expended 20 yrs in the general public sector, most not too long ago as the head of the Cybersecurity and Infrastructure Security Agency (CISA)’s cyber security division, claimed that the authorities was at a drawback thanks to its solution to procurement, and an over reliance on Microsoft solutions.

She pointed to a current Google poll of 2,600 US federal government personnel, which found that the vast majority of all those surveyed documented remaining “very” worried about cyber attacks from their businesses in the coming decades. Most of those surveyed (80%) also reported that the new attacks, like the SolarWinds breach, has them concerned about their personal info and privacy, and that of their household associates.

Benefits also showed a deficiency of satisfaction with legacy application, with around 50% of governing administration personnel stating that there are other goods or services that could support them do their careers better.

In accordance to Google’s facts, all around 84% of D.C. metro authorities staff members primarily use Microsoft items at operate, which include Phrase, Outlook, Groups, and OneDrive. This is confirmed by one more new review by Omdia which discovered 85% of govt staff members use Microsoft efficiency application.

“This reliance on a single software program suite could possibly suggest that these goods are protected and protected, but the Community Viewpoint Strategies survey identified that far more than half of all respondents reported that the government’s reliance on these Microsoft merchandise truly produced the federal government more vulnerable to hacking or cyber attacks,” explained Manfra.

Nonetheless, a US Senate report introduced very last August detailed that seven out of 8 federal companies had failed to protect critical information because of to insufficient cyber security guidelines, relatively than issues with their systems. It said that most agencies unsuccessful to set up security patches promptly adequate, and warned that at least seven out of the 8 agencies are continue to working with legacy techniques that have achieved close of daily life, and no for a longer period get seller security patches.

When survey respondents were requested why their employers used Microsoft services, 45% reported the purpose was for the reason that their employer has always applied these items and solutions and doesn’t want to change, while 55% mentioned due to the fact they are the most powerful at aiding them to do their occupation.

Manfra explained that with so a lot of respondents reporting they’re dissatisfied with their legacy IT remedies, it may possibly be time for the authorities to rethink its solution to procurement.

“As governments get the job done to meet the needs and preferences of their constituents—and their employees—it’s apparent that there’s an overreliance on legacy solutions, in spite of a track history of cyber security vulnerabilities and inadequate consumer notion,” she extra.

IT Pro has contacted Microsoft for remark.

Irrespective of the tech big criticising Microsoft for its cyber security, it isn’t immune to these forms of threats either. In February, it had to solve a critical security flaw in Android 12 with its February 2022 Android security update. In the exact same thirty day period, the corporation had to launch one more wave of patches for seven substantial-severity issues affecting Chrome, which include a person zero-working day vulnerability becoming actively exploited.

A report highlighted in January that Google Generate accounted for the most malware downloads in 2021, taking the major place from Microsoft OneDrive. It accounted for 37% of all destructive downloads last yr, when OneDrive fell to 2nd place with 20% of downloads.

Google Cloud also discovered in November previous yr that 86% of compromised Google Cloud Platform scenarios in 2021 led to cryptocurrency miners currently being dropped into customers’ environments. Its buyers ended up closely specific by attackers who were being attempting to leverage the superior concentrations of compute out there to them without having owning to pay back for it.