Microsoft: Sony and RSA Hacks 'Rookie Mistakes', Claims Protected Against DoS Attacks

John Howie, Microsoft's Senior Director in the Online Services Security and Compliance team (OSSC) claims that recent hacks against companies like Sony and security firm RSA were due to "rookie mistakes." Howie was quoted saying that Microsoft cannot be hacked or DDoSed.According to Howie, "Sony was brought down because it "didn't patch its servers," it […]

John Howie, Microsoft's Senior Director in the Online Services Security and Compliance team (OSSC) claims that recent hacks against companies like Sony and security firm RSA were due to "rookie mistakes." Howie was quoted saying that Microsoft cannot be hacked or DDoSed.

According to Howie, "Sony was brought down because it "didn't patch its servers," it ran out of date software and it "coded badly." These are rookie mistakes," said Howie.

He added that the breach at secure token specialists RSA could also have been avoided. "RSA got hacked because someone got socially engineered and opened a dodgy email attachment. A rookie mistake."

He claimed that processes in place at Microsoft meant that such mistakes were extremely unlikely to happen within his organisation. "At Microsoft we have robust mechanisms to ensure we don't have unpatched servers. We have training for staff so they know how to be secure and be wise to social engineering."

He also made the claim that Microsoft's internet capacity renders it almost impervious to denial-of-service (DoS) attacks. And, that, "We have massively overbuilt our internet capacity, this protects us against DoS attacks," said Howie.

"We won't notice until the data column gets to 2GB/s, and even then we won't sweat until it reaches 5GB/s. Even then we have edge protection to shun addresses that we suspect of being malicious," he said.

[Via: Computing.co.uk]