Microsoft in the hot seat over SolarWinds hacking campaign

The sprawling hacking campaign deemed a grave threat to US national security came to be known as SolarWinds, for the company whose software update was seeded by Russian intelligence agents with malware to penetrate sensitive government and private networks.

Yet it was Microsoft whose code the cyberspies persistently abused in the campaign’s second stage, rifling through emails and other files of such high-value targets as then-acting Homeland Security chief Chad Wolf — and hopping undetected among victim networks.

This has put the world’s third-most valuable company in the hot seat. Because its products are a de facto monoculture in government and industry — with more than 85% market share — federal lawmakers are insisting that Microsoft swiftly upgrade security to what they say it should have provided in the first place, and without fleecing taxpayers.