Jansen127
2021-03-15
Haut ah
Exclusive: Microsoft could reap more than $150 million in new U.S. cyber spending, upsetting some lawmakers
免责声明:上述内容仅代表发帖人个人观点,不构成本平台的任何投资建议。
分享至
微信
复制链接
精彩评论
我们需要你的真知灼见来填补这片空白
打开APP,发表看法
APP内打开
发表看法
4
1
{"i18n":{"language":"zh_CN"},"detailType":1,"isChannel":false,"data":{"magic":2,"id":322628327,"tweetId":"322628327","gmtCreate":1615804435269,"gmtModify":1703493210457,"author":{"id":3567722403344826,"idStr":"3567722403344826","authorId":3567722403344826,"authorIdStr":"3567722403344826","name":"Jansen127","avatar":"https://static.tigerbbs.com/a76eea9e4acedb7e3bb72074bf83c3ad","vip":1,"userType":1,"introduction":"","boolIsFan":false,"boolIsHead":false,"crmLevel":3,"crmLevelSwitch":0,"individualDisplayBadges":[],"fanSize":16,"starInvestorFlag":false},"themes":[],"images":[],"coverImages":[],"extraTitle":"","html":"<html><head></head><body><p>Haut ah</p></body></html>","htmlText":"<html><head></head><body><p>Haut ah</p></body></html>","text":"Haut ah","highlighted":1,"essential":1,"paper":1,"likeSize":1,"commentSize":4,"repostSize":0,"favoriteSize":0,"link":"https://laohu8.com/post/322628327","repostId":1159332291,"repostType":2,"repost":{"id":"1159332291","kind":"news","weMediaInfo":{"introduction":"Reuters.com brings you the latest news from around the world, covering breaking news in markets, business, politics, entertainment and technology","home_visible":1,"media_name":"Reuters","id":"1036604489","head_image":"https://static.tigerbbs.com/443ce19704621c837795676028cec868"},"pubTimestamp":1615803452,"share":"https://www.laohu8.com/m/news/1159332291?lang=&edition=full","pubTime":"2021-03-15 18:17","market":"us","language":"en","title":"Exclusive: Microsoft could reap more than $150 million in new U.S. cyber spending, upsetting some lawmakers","url":"https://stock-news.laohu8.com/highlight/detail?id=1159332291","media":"Reuters","summary":"SAN FRANCISCO/WASHINGTON (Reuters) - Microsoft stands to receive nearly a quarter of Covid relief fu","content":"<p>SAN FRANCISCO/WASHINGTON (Reuters) - Microsoft stands to receive nearly a quarter of Covid relief funds destined for U.S. cybersecurity defenders, sources told Reuters, angering some lawmakers who don’t want to increase funding for a company whose software was recently at the heart of two big hacks.</p>\n<p>Congress allocated the funds at issue in the COVID relief bill signed on Thursday after two enormous cyberattacks leveraged weaknesses in Microsoft products to reach into computer networks at federal and local agencies and tens of thousands of companies. One breach attributed to Russia in December grabbed emails from the Justice Department, Commerce Department and Treasury Department.</p>\n<p>The hacks pose a significant national security threat, frustrating lawmakers who say Microsoft’s faulty software is making it more profitable.</p>\n<p>“If the only solution to a major breach in which hackers exploited a design flaw long ignored by Microsoft is to give Microsoft more money, the government needs to reevaluate its dependence on Microsoft,” said Oregon Senator Ron Wyden, a leading Democrat on the intelligence committee.</p>\n<p>“The government should not be rewarding a company that sold it insecure software with even bigger government contracts.”</p>\n<p>Microsoft previously said it prioritizes fixing attacks that it sees in wide use.</p>\n<p>A draft spending plan by the Cybersecurity Infrastructure Security Agency allocates more than $150 million of their new $650 million funding for a “secure cloud platform,” according to documents seen by Reuters and people familiar with the matter.</p>\n<p>More precisely, the money has been budgeted for Microsoft, according to four people briefed on the choice, largely to help other federal agencies upgrade their existing Microsoft deals to improve security of their cloud systems.</p>\n<p>A CISA spokesman declined to comment.</p>\n<p>A key service Microsoft provides, known as activity logging, allows its clients to keep watch on data traffic within their part of the cloud and spot inconsistencies that could reveal hackers at work.</p>\n<p>Officials have sought access to Microsoft’s premium tracking capability after discovering the lack of logs made it much harder to investigate recent hacks tied to nation states.</p>\n<p>Microsoft said Sunday that while all its cloud products have security features, “larger organizations may require more advanced capabilities such as a greater depth of security logs and the ability to investigate those logs and take action.” It did not address the fairness issues raised by lawmakers.</p>\n<p>While some senior U.S. cyber officials feel they have no choice but to pay up, Wyden and three other lawmakers have publicly raised concerns about the plan.</p>\n<p><b>‘RAW DEAL’</b></p>\n<p>Most major software has been penetrated by well-financed teams of hackers at one time or another, but the ubiquity of Microsoft’s products makes it a prime target.</p>\n<p>The alleged Russian spying, known for exploiting software from SolarWinds, hit nine government agencies and 100 private companies, many of whom were exploited through manipulation of a Microsoft system.</p>\n<p>More recent sprawling hacks into tens of thousands of servers around the world running Microsoft Exchange by a handful of attackers, including some tied to the Chinese government, relied on four previously unknown flaws in the way those servers handled web versions of Outlook email. China has denied backing the attacks.</p>\n<p>In a hearing on the SolarWinds breach Feb. 26, Rhode Island Congressman Jim Langevin challenged Microsoft President Brad Smith about charging extra for logging, asking: “Is this a profit center for Microsoft, or is it a service being provided at cost to the customers?”</p>\n<p>“We are a for-profit company,” Smith responded. “Everything we do is designed to generate a return, other than our philanthropic work.”</p>\n<p>Microsoft has turned security offerings into a significant source of revenue, with the business generating $10 billion annually, up 40% from the previous year.</p>\n<p>Rep. Dutch Ruppersberger of the House appropriations committee said Congress must look into “why security is an afterthought in the procurement process” and move away from approving only the lowest bidders.</p>\n<p>The government could impose new regulations, said Curtis Dukes, a former head of the defensive mission at the National Security Agency now at the nonprofit Center for Internet Security, which works closely with CISA. “Maybe with additional size, vendors should have to do more.”</p>","collect":0,"html":"<!DOCTYPE html>\n<html>\n<head>\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\" />\n<meta name=\"viewport\" content=\"width=device-width,initial-scale=1.0,minimum-scale=1.0,maximum-scale=1.0,user-scalable=no\"/>\n<meta name=\"format-detection\" content=\"telephone=no,email=no,address=no\" />\n<title>Exclusive: Microsoft could reap more than $150 million in new U.S. cyber spending, upsetting some lawmakers</title>\n<style type=\"text/css\">\na,abbr,acronym,address,applet,article,aside,audio,b,big,blockquote,body,canvas,caption,center,cite,code,dd,del,details,dfn,div,dl,dt,\nem,embed,fieldset,figcaption,figure,footer,form,h1,h2,h3,h4,h5,h6,header,hgroup,html,i,iframe,img,ins,kbd,label,legend,li,mark,menu,nav,\nobject,ol,output,p,pre,q,ruby,s,samp,section,small,span,strike,strong,sub,summary,sup,table,tbody,td,tfoot,th,thead,time,tr,tt,u,ul,var,video{ font:inherit;margin:0;padding:0;vertical-align:baseline;border:0 }\nbody{ font-size:16px; line-height:1.5; color:#999; background:transparent; }\n.wrapper{ overflow:hidden;word-break:break-all;padding:10px; }\nh1,h2{ font-weight:normal; line-height:1.35; margin-bottom:.6em; }\nh3,h4,h5,h6{ line-height:1.35; margin-bottom:1em; }\nh1{ font-size:24px; }\nh2{ font-size:20px; }\nh3{ font-size:18px; }\nh4{ font-size:16px; }\nh5{ font-size:14px; }\nh6{ font-size:12px; }\np,ul,ol,blockquote,dl,table{ margin:1.2em 0; }\nul,ol{ margin-left:2em; }\nul{ list-style:disc; }\nol{ list-style:decimal; }\nli,li p{ margin:10px 0;}\nimg{ max-width:100%;display:block;margin:0 auto 1em; }\nblockquote{ color:#B5B2B1; border-left:3px solid #aaa; padding:1em; }\nstrong,b{font-weight:bold;}\nem,i{font-style:italic;}\ntable{ width:100%;border-collapse:collapse;border-spacing:1px;margin:1em 0;font-size:.9em; }\nth,td{ padding:5px;text-align:left;border:1px solid #aaa; }\nth{ font-weight:bold;background:#5d5d5d; }\n.symbol-link{font-weight:bold;}\n/* header{ border-bottom:1px solid #494756; } */\n.title{ margin:0 0 8px;line-height:1.3;color:#ddd; }\n.meta {color:#5e5c6d;font-size:13px;margin:0 0 .5em; }\na{text-decoration:none; color:#2a4b87;}\n.meta .head { display: inline-block; overflow: hidden}\n.head .h-thumb { width: 30px; height: 30px; margin: 0; padding: 0; border-radius: 50%; float: left;}\n.head .h-content { margin: 0; padding: 0 0 0 9px; float: left;}\n.head .h-name {font-size: 13px; color: #eee; margin: 0;}\n.head .h-time {font-size: 11px; color: #7E829C; margin: 0;line-height: 11px;}\n.small {font-size: 12.5px; display: inline-block; transform: scale(0.9); -webkit-transform: scale(0.9); transform-origin: left; -webkit-transform-origin: left;}\n.smaller {font-size: 12.5px; display: inline-block; transform: scale(0.8); -webkit-transform: scale(0.8); transform-origin: left; -webkit-transform-origin: left;}\n.bt-text {font-size: 12px;margin: 1.5em 0 0 0}\n.bt-text p {margin: 0}\n</style>\n</head>\n<body>\n<div class=\"wrapper\">\n<header>\n<h2 class=\"title\">\nExclusive: Microsoft could reap more than $150 million in new U.S. cyber spending, upsetting some lawmakers\n</h2>\n\n<h4 class=\"meta\">\n\n\n<a class=\"head\" href=\"https://laohu8.com/wemedia/1036604489\">\n\n\n<div class=\"h-thumb\" style=\"background-image:url(https://static.tigerbbs.com/443ce19704621c837795676028cec868);background-size:cover;\"></div>\n\n<div class=\"h-content\">\n<p class=\"h-name\">Reuters </p>\n<p class=\"h-time\">2021-03-15 18:17</p>\n</div>\n\n</a>\n\n\n</h4>\n\n</header>\n<article>\n<p>SAN FRANCISCO/WASHINGTON (Reuters) - Microsoft stands to receive nearly a quarter of Covid relief funds destined for U.S. cybersecurity defenders, sources told Reuters, angering some lawmakers who don’t want to increase funding for a company whose software was recently at the heart of two big hacks.</p>\n<p>Congress allocated the funds at issue in the COVID relief bill signed on Thursday after two enormous cyberattacks leveraged weaknesses in Microsoft products to reach into computer networks at federal and local agencies and tens of thousands of companies. One breach attributed to Russia in December grabbed emails from the Justice Department, Commerce Department and Treasury Department.</p>\n<p>The hacks pose a significant national security threat, frustrating lawmakers who say Microsoft’s faulty software is making it more profitable.</p>\n<p>“If the only solution to a major breach in which hackers exploited a design flaw long ignored by Microsoft is to give Microsoft more money, the government needs to reevaluate its dependence on Microsoft,” said Oregon Senator Ron Wyden, a leading Democrat on the intelligence committee.</p>\n<p>“The government should not be rewarding a company that sold it insecure software with even bigger government contracts.”</p>\n<p>Microsoft previously said it prioritizes fixing attacks that it sees in wide use.</p>\n<p>A draft spending plan by the Cybersecurity Infrastructure Security Agency allocates more than $150 million of their new $650 million funding for a “secure cloud platform,” according to documents seen by Reuters and people familiar with the matter.</p>\n<p>More precisely, the money has been budgeted for Microsoft, according to four people briefed on the choice, largely to help other federal agencies upgrade their existing Microsoft deals to improve security of their cloud systems.</p>\n<p>A CISA spokesman declined to comment.</p>\n<p>A key service Microsoft provides, known as activity logging, allows its clients to keep watch on data traffic within their part of the cloud and spot inconsistencies that could reveal hackers at work.</p>\n<p>Officials have sought access to Microsoft’s premium tracking capability after discovering the lack of logs made it much harder to investigate recent hacks tied to nation states.</p>\n<p>Microsoft said Sunday that while all its cloud products have security features, “larger organizations may require more advanced capabilities such as a greater depth of security logs and the ability to investigate those logs and take action.” It did not address the fairness issues raised by lawmakers.</p>\n<p>While some senior U.S. cyber officials feel they have no choice but to pay up, Wyden and three other lawmakers have publicly raised concerns about the plan.</p>\n<p><b>‘RAW DEAL’</b></p>\n<p>Most major software has been penetrated by well-financed teams of hackers at one time or another, but the ubiquity of Microsoft’s products makes it a prime target.</p>\n<p>The alleged Russian spying, known for exploiting software from SolarWinds, hit nine government agencies and 100 private companies, many of whom were exploited through manipulation of a Microsoft system.</p>\n<p>More recent sprawling hacks into tens of thousands of servers around the world running Microsoft Exchange by a handful of attackers, including some tied to the Chinese government, relied on four previously unknown flaws in the way those servers handled web versions of Outlook email. China has denied backing the attacks.</p>\n<p>In a hearing on the SolarWinds breach Feb. 26, Rhode Island Congressman Jim Langevin challenged Microsoft President Brad Smith about charging extra for logging, asking: “Is this a profit center for Microsoft, or is it a service being provided at cost to the customers?”</p>\n<p>“We are a for-profit company,” Smith responded. “Everything we do is designed to generate a return, other than our philanthropic work.”</p>\n<p>Microsoft has turned security offerings into a significant source of revenue, with the business generating $10 billion annually, up 40% from the previous year.</p>\n<p>Rep. Dutch Ruppersberger of the House appropriations committee said Congress must look into “why security is an afterthought in the procurement process” and move away from approving only the lowest bidders.</p>\n<p>The government could impose new regulations, said Curtis Dukes, a former head of the defensive mission at the National Security Agency now at the nonprofit Center for Internet Security, which works closely with CISA. “Maybe with additional size, vendors should have to do more.”</p>\n\n</article>\n</div>\n</body>\n</html>\n","type":0,"thumbnail":"","relate_stocks":{"MSFT":"微软"},"is_english":true,"share_image_url":"https://static.laohu8.com/e9f99090a1c2ed51c021029395664489","article_id":"1159332291","content_text":"SAN FRANCISCO/WASHINGTON (Reuters) - Microsoft stands to receive nearly a quarter of Covid relief funds destined for U.S. cybersecurity defenders, sources told Reuters, angering some lawmakers who don’t want to increase funding for a company whose software was recently at the heart of two big hacks.\nCongress allocated the funds at issue in the COVID relief bill signed on Thursday after two enormous cyberattacks leveraged weaknesses in Microsoft products to reach into computer networks at federal and local agencies and tens of thousands of companies. One breach attributed to Russia in December grabbed emails from the Justice Department, Commerce Department and Treasury Department.\nThe hacks pose a significant national security threat, frustrating lawmakers who say Microsoft’s faulty software is making it more profitable.\n“If the only solution to a major breach in which hackers exploited a design flaw long ignored by Microsoft is to give Microsoft more money, the government needs to reevaluate its dependence on Microsoft,” said Oregon Senator Ron Wyden, a leading Democrat on the intelligence committee.\n“The government should not be rewarding a company that sold it insecure software with even bigger government contracts.”\nMicrosoft previously said it prioritizes fixing attacks that it sees in wide use.\nA draft spending plan by the Cybersecurity Infrastructure Security Agency allocates more than $150 million of their new $650 million funding for a “secure cloud platform,” according to documents seen by Reuters and people familiar with the matter.\nMore precisely, the money has been budgeted for Microsoft, according to four people briefed on the choice, largely to help other federal agencies upgrade their existing Microsoft deals to improve security of their cloud systems.\nA CISA spokesman declined to comment.\nA key service Microsoft provides, known as activity logging, allows its clients to keep watch on data traffic within their part of the cloud and spot inconsistencies that could reveal hackers at work.\nOfficials have sought access to Microsoft’s premium tracking capability after discovering the lack of logs made it much harder to investigate recent hacks tied to nation states.\nMicrosoft said Sunday that while all its cloud products have security features, “larger organizations may require more advanced capabilities such as a greater depth of security logs and the ability to investigate those logs and take action.” It did not address the fairness issues raised by lawmakers.\nWhile some senior U.S. cyber officials feel they have no choice but to pay up, Wyden and three other lawmakers have publicly raised concerns about the plan.\n‘RAW DEAL’\nMost major software has been penetrated by well-financed teams of hackers at one time or another, but the ubiquity of Microsoft’s products makes it a prime target.\nThe alleged Russian spying, known for exploiting software from SolarWinds, hit nine government agencies and 100 private companies, many of whom were exploited through manipulation of a Microsoft system.\nMore recent sprawling hacks into tens of thousands of servers around the world running Microsoft Exchange by a handful of attackers, including some tied to the Chinese government, relied on four previously unknown flaws in the way those servers handled web versions of Outlook email. China has denied backing the attacks.\nIn a hearing on the SolarWinds breach Feb. 26, Rhode Island Congressman Jim Langevin challenged Microsoft President Brad Smith about charging extra for logging, asking: “Is this a profit center for Microsoft, or is it a service being provided at cost to the customers?”\n“We are a for-profit company,” Smith responded. “Everything we do is designed to generate a return, other than our philanthropic work.”\nMicrosoft has turned security offerings into a significant source of revenue, with the business generating $10 billion annually, up 40% from the previous year.\nRep. Dutch Ruppersberger of the House appropriations committee said Congress must look into “why security is an afterthought in the procurement process” and move away from approving only the lowest bidders.\nThe government could impose new regulations, said Curtis Dukes, a former head of the defensive mission at the National Security Agency now at the nonprofit Center for Internet Security, which works closely with CISA. “Maybe with additional size, vendors should have to do more.”","news_type":1},"isVote":1,"tweetType":1,"viewCount":151,"commentLimit":10,"likeStatus":false,"favoriteStatus":false,"reportStatus":false,"symbols":[],"verified":2,"subType":0,"readableState":1,"langContent":"EN","currentLanguage":"EN","warmUpFlag":false,"orderFlag":false,"shareable":true,"causeOfNotShareable":"","featuresForAnalytics":[],"commentAndTweetFlag":false,"andRepostAutoSelectedFlag":false,"upFlag":false,"length":6,"xxTargetLangEnum":"ORIG"},"commentList":[],"isCommentEnd":true,"isTiger":false,"isWeiXinMini":false,"url":"/m/post/322628327"}
精彩评论