Log in
E-mail
Password
Remember
Forgot password ?
Become a member for free
Sign up
Sign up
New member
Sign up for FREE
New customer
Discover our services
Settings
Settings
Dynamic quotes 
OFFON

MarketScreener Homepage  >  Equities  >  Nasdaq  >  Microsoft Corporation    MSFT

MICROSOFT CORPORATION

(MSFT)
  Report
SummaryQuotesChartsNewsRatingsCalendarCompanyFinancialsConsensusRevisions 
SummaryMost relevantAll NewsAnalyst Reco.Other languagesPress ReleasesOfficial PublicationsSector newsMarketScreener Strategies

Microsoft failed to shore up defenses that could have limited SolarWinds hack: U.S. senator

02/25/2021 | 05:31pm EDT
U.S. Senate panel holds hearing on Biden's trade nominee

SAN FRANCISCO (Reuters) - Microsoft Corp's failure to fix known problems with its cloud software facilitated the massive SolarWinds hack that compromised at least nine federal government agencies, according to security experts and the office of U.S. Senator Ron Wyden.

A vulnerability first publicly revealed by researchers in 2017 allows hackers to fake the identity of authorized employees to gain access to customers' cloud services. The technique was one of many used in the SolarWinds hack.

Wyden, who has faulted tech companies on security and privacy issues as a member of the Senate Intelligence Committee, blasted Microsoft for not doing more to prevent forged identities or warn customers about it.

"The federal government spends billions on Microsoft software," Wyden told Reuters ahead of a SolarWinds hearing on Friday in the House of Representatives.

"It should be cautious about spending any more before we find out why the company didn't warn the government about the hacking technique that the Russians used, which Microsoft had known about since at least 2017," he said.

Microsoft President Brad Smith will testify on Friday before the House committee investigating the SolarWinds hacks.

U.S. officials have blamed Russia for the massive intelligence operation that penetrated SolarWinds, which makes software to manage networks, as well as Microsoft and others, to steal data from multiple governments and about 100 companies. Russia denies responsibility.

Microsoft disputed Wyden's conclusions, telling Reuters that the design of its identity services was not at fault.

In a response to Wyden's written questions on Feb. 10, a Microsoft lobbyist said the identity trick, known as Golden SAML, "had never been used in an actual attack" and "was not prioritized by the intelligence community as a risk, nor was it flagged by civilian agencies."

But in a public advisory after the SolarWinds hack, on Dec. 17, the National Security Agency called for closer monitoring of identity services, noting, "This SAML forgery technique has been known and used by cyber actors since at least 2017."

In response to additional questions from Wyden this week, Microsoft acknowledged its programs were not set up to detect the theft of identity tools for granting cloud access.

Trey Herr, director of the Cyber Statecraft Initiative at the Atlantic Council, said the failure showed cloud security risks should be a higher priority.

The hackers' sophisticated abuse of identities "exposes a concerning weakness in how cloud computing giants invest in security, perhaps failing to adequately mitigate the risk of high impact, low probability failures in systems at the root of their security model," Herr said.

In congressional testimony on Tuesday, Microsoft's Smith said that only about 15% of the victims in the Solar Winds campaign were hurt via Golden SAML. Even in those cases the hackers had to have already gained access to systems before deploying the method.

But Wyden's staff said one of those victims was the U.S. Treasury, which lost emails from dozens of officials.

(Reporting by Joseph Menn; editing by Jonathan Weber and Howard Goller)

By Joseph Menn


© Reuters 2021
All news about MICROSOFT CORPORATION
05:36pUS Stocks Slip Ahead of Earnings Season as Microsoft Goes Shopping
MT
05:06pTech Down As Inflation Concerns Offset Deal Activity -- Tech Roundup
DJ
05:03pCLOSE UPDATE : US Stocks Start Week Lower Monday Ahead of Earnings Season
MT
04:47pWALL STREET STOCK EXCHANGE : Wall Street ends lower as investors await earnings,..
RE
04:33pMICROSOFT CORP  : Receives a Buy rating from Jefferies
MD
04:01pWall St ends lower as investors await earnings, inflation data
RE
03:46pSECTOR UPDATE : Tech Stocks Adding to Earlier Losses This Afternoon
MT
02:49pS&P 500, Dow dip ahead of earnings, inflation data
RE
02:39pWALL STREET STOCK EXCHANGE : Stocks Slip Ahead of Busy Earnings Week--Update
DJ
01:49p‘THE NETWORK' : Introducing Microsoft's first podcast series for media, en..
PU
More news
Financials (USD)
Sales 2021 164 B - -
Net income 2021 55 912 M - -
Net cash 2021 78 333 M - -
P/E ratio 2021 34,8x
Yield 2021 0,86%
Capitalization 1 930 B 1 930 B -
EV / Sales 2021 11,3x
EV / Sales 2022 10,1x
Nbr of Employees 163 000
Free-Float 99,9%
Chart MICROSOFT CORPORATION
Duration : Period :
Microsoft Corporation Technical Analysis Chart | MarketScreener
Full-screen chart
Technical analysis trends MICROSOFT CORPORATION
Short TermMid-TermLong Term
TrendsBullishBullishBullish
Income Statement Evolution
Consensus
Sell
Buy
Mean consensus OUTPERFORM
Number of Analysts 41
Average target price 276,27 $
Last Close Price 255,91 $
Spread / Highest target 23,1%
Spread / Average Target 7,96%
Spread / Lowest Target -14,0%
EPS Revisions
Managers and Directors
NameTitle
Satya Nadella Chief Executive Officer & Non-Independent Director
Bradford L. Smith President & Chief Legal Officer
Amy E. Hood Chief Financial Officer & Executive Vice President
John Wendell Thompson Independent Chairman
James Kevin Scott Chief Technology Officer & Executive VP
Sector and Competitors
1st jan.Capitalization (M$)
MICROSOFT CORPORATION15.03%1 929 676
SEA LIMITED26.06%128 459
ZOOM VIDEO COMMUNICATIONS, INC.-4.35%94 767
DASSAULT SYSTÈMES SE15.11%59 409
ATLASSIAN CORPORATION PLC-3.62%56 364
PALANTIR TECHNOLOGIES INC.2.08%43 807