Dec 15, 2017

Axios Login

By Ina Fried
Ina Fried

RIP, AIM (1997-2017)

The next wave in tech scandals is coming

A blockbuster story from Bloomberg on an alleged rape of one Microsoft intern at the hands of another raises questions both for how Microsoft handled the situation then as well as broader questions of how large tech companies will adjust to a new reality.

  • The Microsoft case is clearly a complicated one. No charges were brought in the now five-year-old case and, while there was an internal investigation, it's not clear it was able to determine what happened at the event, which took place outside of work.
  • But there are several actions Microsoft took that seem dubious. It made choices that left the pair in proximity of one another, both as interns and then, equally puzzlingly, after it chose to hire both employees.
  • No matter what actually happened, Microsoft willingly put itself in the position of employing a woman as well as a man she accused of raping her.

Three big questions:

  1. Does Microsoft think it handled the situation appropriately at the time?
  2. Would it do anything differently today?
  3. Will it launch a broader re-evaluation of how it handles complaints?

Microsoft declined to respond specifically to these questions, instead issuing the same statement it gave to Bloomberg. However, that statement suggests the company, even today, believes it acted appropriately.

  • "We work hard to create a safe work environment for every employee. The incident referenced took place away from work, but we took the allegation very seriously. Our global security team and our employee relations investigations team met with the employee to review the allegation. We encouraged her to take her complaint to law enforcement, and offered to connect her with additional resources such as victim advocacy groups. We also took practical steps to address concerns she had about her safety. Law enforcement did not ultimately file any charges. Given this, and our own findings, we took the action we deemed appropriate related to the accused employee. We continued to work with the employee who raised the complaint to provide support."

Why it matters: Large tech companies have tens or hundreds of thousands of employees and, in addition to all the clear-cut cases of sexual harassment or assault, no doubt have all manner of more complex issues from their past, some of which will no doubt come under fresh scrutiny with a new sensibility applied.

  • Microsoft has shown itself willing to take action against employees, even high-ranking executives, when it is convinced there has been impropriety. I know of at least two high-ranking executives who were forced out of the company in such circumstances during the decade I covered the company for CNET.

What's next: I'd be shocked if I am the only one left scratching their head over how Microsoft handled this one. And I'd also be shocked if other big tech companies won't also soon be dealing with tricky issues from their past.

Civil rights groups were divided on net neutrality repeal

A story from The Intercept suggests the nation's biggest civil rights groups were largely divided along 'who took telco money' lines when it came to the FCC's move to repeal its 2015 net neutrality rules.

  • The ACLU, Color of Change, GLAAD and other groups vocally opposed the repeal, while a number of other civil rights organizations filed comments in favor of repeal. Many in the latter group, which included the NAACP, the National Urban League, and Asian Americans Advancing Justice, received significant funding from the telecom industry, The Intercept reported.

Other threads to follow:

FireEye confirms another attack on critical infrastructure

Security firm FireEye disclosed some details Thursday of a recent attack on a critical infrastructure provider by what appears to be either a state actor or state-sponsored actors.

  • FireEye is drawing attention to one key element unique to this attack, dubbed "Triton." In this case, the malware in question was successful at defeating two systems, but in doing so appeared to inadvertently trip up another system, causing at least some interruption of service.
  • "This proves getting into these systems can cause very real disruptions, even accidentally," said FireEye Director of Intelligence analysis John Hultquist. "This activity could be construed as sabotage by an adversary or even a military act of war. It could be completely unintentional."
  • The attack was against Triconex Safety Instrumented Systems, made by Schneider Electric, which also confirmed the issue, according to Reuters, which said the equipment is widely used in the energy industry, including at nuclear and oil and gas facilities.

What's not being shared: FireEye isn't saying what type of infrastructure was attacked, or even in which country it was located. (Reuters reported that two other security firms say the target firm was in the Middle East, with one saying Saudi Arabia.)

Why it matters: In many cases, nations may be trying to infiltrate key infrastructure to have a way in should they wish to attack, but aren't necessarily looking to do damage now. This incident shows in some cases they may be doing damage nonetheless.

Take Note

On Tap

  • It's National Free Shipping Day, with hundreds of retailers offering to send your orders for free with no minimum. (It was unable to use the original name, National Empty-Your-Wallet Day, due to a trademark dispute with Black Friday.)

Trading Places

ICYMI

After you Login

Sha-zing.

Ina Fried