Microsoft could benefit from the SolarWinds fallout even though hackers used its products as part of the attack — here's why

Microsoft could benefit from the SolarWinds fallout even though hackers used its products as part of the attack — here's why

January 5, 2021
  • The catastrophic SolarWinds hack that compromised major corporations and the highest levels of the US government could be a boon to Microsoft — even though hackers used its products as part of the attack.
  • Analysts predict that the hack will spur companies to spend more on cloud computing and security software, two spaces where Microsoft is a dominant player.
  • Hackers used Microsoft Office 365 and Active Directory to spy on their targets, but cybersecurity experts don't blame Microsoft for that, because the hackers exploited a vulnerability in SolarWinds' software that enabled them to forge Office 365 login credentials.
  • Microsoft also disclosed that hackers that broke into its systems viewed internal source code, but has reassured clients that its products are still secure even if the code isn't kept secret.
  • Visit Business Insider's homepage for more stories.

As new details have emerged about the massive SolarWinds hack over the past month, Microsoft has repeatedly found itself at the center of the story. However, the hack isn't all bad news for the software giant and could actually help boost its revenue, according to analysts.

Microsoft's products were among the tools hackers used to spy on massive corporations and the highest levels of US government. SolarWinds itself disclosed in an SEC filing that its own Office 365 tools were compromised by hackers, and The New York Times reported that the US Treasury Department's Microsoft email system was compromised as part of the hack. And last week, Microsoft — itself a hacking victim — disclosed that intruders were able to view its internal source code.

But the fallout from the attacks is expected to help, not hurt, Microsoft. Why? In part because Microsoft itself doesn't appear to be at fault for the vulnerabilities that let hackers break into customers' Office 365 suites, leaving its reputation intact.

"Customers and the broader cybersecurity community are not pointing fingers at Microsoft," a team of UBS analysts led by Fatima Boolani wrote in an investor note published Sunday.

UBS analysts also predict that the SolarWinds hack will spur more businesses to invest in cloud computing and security software, two of Microsoft's strengths. "Microsoft might even benefit," the note continued, as customers react by buying additional security tools from the company or moving away from old or on-premise software in favor of using Azure's cloud.

After breaking into victims' networks using a flaw in software from IT management firm SolarWinds, cybercriminals used Microsoft's user authentication service Active Directory and its productivity suite for email, chat, and other tools, Office 365, to spy on them. 

But according to cybersecurity experts, attackers targeted Microsoft products because they're ubiquitous, not because they have security flaws. The hackers were only able to access those products after exploiting a vulnerability in SolarWinds' Orion software that let them forge credentials to log into any software used by employees.

"This is akin to getting access to the electronic key card machine at the front desk of a hotel, stealing a bunch of blank cards, and using the machine to create key cards offering access to any room you like. Blaming Microsoft Active Directory would be akin to criticizing the key card readers on the front doors to the hotel rooms," Boolani's team wrote in the UBS note.

Microsoft also disclosed last week that SolarWinds hackers spied on Microsoft itself, viewing its internal source code. But the company insists that its products are secure regardless of whether the source code is kept a secret.

Meanwhile, analysts expect enterprise spending to boom in cloud computing and security software as a result of the hack. Cloud services like Microsoft's Azure or Amazon Web Services are seen as a safer alternative than hosting infrastructure locally, in part because they have better security monitoring and are regularly and automatically updated to patch vulnerabilities.

The US Cybersecurity and Infrastructure Security Agency (CISA) has issued emergency guidance directing all SolarWinds clients to update company's software to the latest version, which patches vulnerabilities that the hackers exploited. The NSA even advised government agencies last month to "consider using Azure Active Directory as the authoritative identity provider." 

Microsoft could see modest tailwinds from such an increase in cloud and security spending. In a note last week, Wedbush analysts predicted that the hack could accelerate cloud adoption: The firm predicts that the share of workplaces on the cloud will shift from 33% today to 55% by 2022, representing over $200 billion in spending growth, with major providers like Microsoft, Amazon, and Google benefitting the most.

UBS analysts said that because the SolarWinds hack was not a full-blown "digital Pearl Harbor," increases in cloud and security spending could be gradual. As for Microsoft in particular, the firm expects its revenue to grow roughly 24% to $178.9 billion by the second quarter of 2022, driven in part by the prospect of higher Azure adoption.

A Microsoft spokesperson declined to comment. 

Signup Today: Free Chart of the Day Newsletter from Insider Intelligence

Source: Read Full Article