It was widely reported on Friday that the Exchange mail server program has a serious bug that allows hackers to gain access to organizations' networks and even take over control, demanding payment for non-disclosure of trade secrets. And although Microsoft promptly released the update, many businesses around the world reported that they were unable to install it for one reason or another.
The first scandal happened in December last year. American analysts have linked it to Russian hackers using SolarWinds technology. Then a scandal raged over emails from the Departments of Justice, Commerce, and Treasury. More than 100 private companies and 9 government agencies were affected. And although the software of most of the large vendors from time to time is "under the gun", it is Microsoft products that are more likely to be vulnerable.
More recent hacks have relied on the flaws in the Exchange application. The attacks are attributed to Chinese hackers, which the Chinese government denies.
In this regard, the CEO of the company expects to receive funding from funds allocated as part of protection against cyber attacks under programs to support the economy during the COVID-19 pandemic.
These funds will be part of the funding for the anti-crisis package from the Democrats, which Biden signed on Thursday. For example, in the draft cost estimate of the Cybersecurity Infrastructure Security Agency, more than $150 million of the total amount of $650 million is allocated for a secure cloud platform to combat the cyber threat.
At the very least, according to company officials, the money is budgeted by Microsoft mainly to help federal agencies update the software to improve the security of cloud storage systems.
The company's key service today is activity logging, which allows customers to track data traffic in their part of the storage and identify inconsistencies associated with information leaks.
Cybercrime officials have tried to gain access to the company's advanced capabilities after finding that the lack of such logs makes business more difficult.
In response, the tech giant said that while each of the company's products has security features, "Larger institutions may need additional capabilities. For example, on the study of journals."
The agency declined to comment.
And while most lawmakers see no problem in increasing funding, some senators are outraged by the funding of the software developer, which has already appeared in two major hacking scandals over the past six months. They believe that data security holes make hacking more profitable and popular.
For example, Senator Ron Wyden from Oregon and one of four senators who spearheaded the Internet Cybersecurity Improvement Act of 2016 aptly said, "If the only solution to defend against hackers is to give more money to Microsoft, which has long ignored the threat of hacks, then the government should reconsider its dependence on Microsoft. We should not reward the company that sold unsafe software to the government with even larger government orders."
Representative Jim Langevin, at a congressional hearing on the hack in December, asked CEO Brad Smith, "Is Microsoft a profit-driven, or is it a cost-priced service to customers?"
Smith made it clear that this is a commercial service that also includes profits.
Senators protesting the increase in funding for the private conglomerate believe that the concern has effectively turned data security services into a separate line of revenue. Thus, revenues in this area alone exceed $10 billion per year. This is 40% more than in 2020.
Curtis Dukes, the former head of the NSA's defense commission, admits the government may well introduce new rules that would oblige suppliers to take more security efforts.
In the meantime, Microsoft Corporation (MSFT) shares are recovering from Friday's failure and have already reached the level of $233.6. Further growth of indicators is expected with the opening of the American stock exchange.