Sign up for our daily briefing

Make your busy days simpler with Axios AM/PM. Catch up on what's new and why it matters in just 5 minutes.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Catch up on the day's biggest business stories

Subscribe to Axios Closer for insights into the day’s business news and trends and why they matter

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Stay on top of the latest market trends

Subscribe to Axios Markets for the latest market trends and economic insights. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Sports news worthy of your time

Binge on the stats and stories that drive the sports world with Axios Sports. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Tech news worthy of your time

Get our smart take on technology from the Valley and D.C. with Axios Login. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Get the inside stories

Get an insider's guide to the new White House with Axios Sneak Peek. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Denver news?

Get a daily digest of the most important stories affecting your hometown with Axios Denver

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Des Moines news?

Get a daily digest of the most important stories affecting your hometown with Axios Des Moines

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Twin Cities news?

Get a daily digest of the most important stories affecting your hometown with Axios Twin Cities

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Tampa Bay news?

Get a daily digest of the most important stories affecting your hometown with Axios Tampa Bay

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Charlotte news?

Get a daily digest of the most important stories affecting your hometown with Axios Charlotte

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Nashville news?

Get a daily digest of the most important stories affecting your hometown with the Axios Nashville newsletter.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Columbus news?

Get a daily digest of the most important stories affecting your hometown with the Axios Columbus newsletter.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Dallas news?

Get a daily digest of the most important stories affecting your hometown with the Axios Dallas newsletter.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Sign up for Axios NW Arkansas

Stay up-to-date on the most important and interesting stories affecting NW Arkansas, authored by local reporters

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Microsoft president Brad Smith. Illustration: Axios Visuals

Seizing upon a flaw in software from SolarWinds, Russian hackers spent months leisurely probing the computer systems of dozens of businesses and government agencies. By contrast, when the intrusion was detected, tech companies and government agencies had to scramble to close the hole, assess damage and try to learn techniques to block future attacks.

Between the lines: Fresh details on how Microsoft, SolarWinds, GoDaddy and various government agencies managed the response to last winter's massive security failure are included in an update to a book co-authored by Microsoft president and longtime top lawyer Brad Smith.

Among the revelations:

  • Microsoft convened urgent meetings spearheaded by CEO Satya Nadella designed to make sure that all of the company's top security organizations were focused on the effort.
  • The company also mobilized more than 500 workers to respond to the SolarWinds attack.
  • The Russian attackers used a server at GoDaddy to establish separate backdoors into the different victims. However, that common server also had a "kill switch" that, once discovered, could be used to halt the spread of the attack. That work was carried out, in part, by transferring the server in question from GoDaddy to Microsoft.

The big picture: In the book's new sections, Smith writes that SolarWinds represented more than cyber-espionage as usual, but wasn't a full-on act of cyber-war, either.

  • Rather, Smith writes, it was a "moment of reckoning" that showed just how much unfinished work remains to be done to set global rules and norms for how technology can be used by nation-states to attack one another.

What's next: The SolarWinds attack offered a variety of lessons for preventing future attacks. Many of Smith's recommendations are standard best practices: using cloud-based systems (or at least fully patched on-premises servers), requiring multi-factor authentication and adopting a "zero trust" approach.

  • More interesting is what Smith says is lacking in the broader security ecosystem, especially when it comes to communication between business and government as well as among different businesses.
  • The U.S. government itself fails to sufficiently share data on cybersecurity threats, according to Smith: "Repeatedly in late 2020 we found people in federal agencies asking us about information in other parts of the government, because it was easier to get it from us than directly from other federal employees."
  • "It's impossible to avoid the grave conclusion that the sharing of cybersecurity threat intelligence today is even more challenged than it was for terrorist threats before 9/11," Smith writes.

Of note: Microsoft was both investigator and victim in the SolarWinds attack. At the same time it was trying to help customers evaluate and minimize damage, the company was also trying to assess how much information the attackers had gained by accessing Microsoft's own servers and viewing company source code.

The latest: The paperback edition of "Tools and Weapons" goes on sale today, with three new chapters, including the one on the SolarWinds response.

Go deeper: The long tail of the SolarWinds breach

Go deeper

Oct 12, 2021 - Axios Twin Cities

Sen. Tina Smith takes on SCOTUS expansion, climate push

Sen. Tina Smith speaks during a Senate Banking, Housing and Urban Affairs Committee hearing in September. Photo: Kevin Dietsch/Getty Images/Bloomberg via Getty Images

This time last year, in the midst of her re-election bid, U.S. Sen. Tina Smith declined to take a position on whether to expand the size of the U.S. Supreme Court.

  • Fast forward 12 months and the Minnesota Democrat is the first Senate co-sponsor of a bill to do just that.

Driving the pivot: Smith told Axios that events of the last year, including Justice Amy Coney Barrett's confirmation just before the 2020 election, persuaded her that adding justices "to restore balance to the court becomes the most sensible and reasonable thing to do."

  • "The Texas case was really the final straw for me," Smith added of the court's recent decision against blocking the state's new abortion restrictions.

Trump says he plans to launch new social media network in 2022

Photo: Chris Delmas/AFP via Getty Images

Former President Trump on Wednesday announced plans to launch a social media network called "Truth Social," and that it would go public via a SPAC.

Why it matters: Most ex-presidents are focused on their legacies, by creating presidential libraries or engaging in philanthropic endeavors. Trump, however, remains consumed by social media.

Beauty giant Coty Cosmetics looking to sell its own branded products

Coty Cosmetics CEO Sue Nabi. Photo: Axios on HBO

Coty Cosmetics CEO Sue Nabi tells Axios the beauty giant will “probably” introduce Coty-branded products one day.

Why it matters: Coty produces some of the world’s most popular fragrances, skin care products and color cosmetics on behalf of other well-known brands, but has shied away from producing its own branded products.