Microsoft

IBM’s Fall From World Dominance

Steven Cherry Hi, this is Steven Cherry for IEEE Spectrum’s podcast, Fixing the Future. IBM is a remarkable company, known for many things—the tabulating machines that calculated the 1890 U.S. Census, the mainframe computer, legitimizing the person computer, and developing the software that beat the best in the world at chess and then Jeopardy. The…

Steven Cherry Hi, this is Steven Cherry for IEEE Spectrum’s podcast, Fixing the Future.

IBM is a remarkable company, known for many things—the tabulating machines that calculated the 1890 U.S. Census, the mainframe computer, legitimizing the person computer, and developing the software that beat the best in the world at chess and then Jeopardy.

The company is, though, even more remarkable for the businesses it departed—often while they were still highly profitable—and pivoting to new ones before their profitability was obvious or assured.

The pivot people are most familiar with is the one into the PC market in the 1980s and then out of it in the 2000s. In fact, August 2020 marks the 40th anniversary of the introduction of the IBM PC. Joining me to talk about it—and IBM’s other pivots, past and future—is a person uniquely qualified to do so.

James Cortada is both a Ph.D. historian and a 38-year veteran of IBM. He’s currently a senior research fellow at the University of Minnesota’s Charles Babbage Institute, where he specializes in the history of technology. He was therefore perfectly positioned to be the author of the definitive corporate history of the company he used to work for, in a book entitled IBM: The Rise and Fall and Reinvention of a Global Icon, which was published in 2019 by MIT Press.

Cortada is also a contributor to IEEE Spectrum, most recently of an article this month entitled “How the IBM PC Won, Then Lost, the Personal Computer Market,” and in that sense I’m delighted to call him a colleague. He joins us by Skype.

Jim, welcome to the podcast.

James Cortada Delighted to be here.

Steven Cherry Jim, IBM wasn’t the first to personal computers. The first Apple computer was in 1976 and by 1981 the Apple II was firmly leading the market. Commodore, Tandy/RadioShack, and Osborne also had popular computers. More importantly, there was already an operating system, Digital Research’s CPM, that anchored the market and quite a bit of software was available for every computer that could run it: WordStar VisiCalc, Basic…. There were C and Pascal compilers. There were assemblers.

Because IBM was late to the PC market, it did two things that turned out to contribute mightily to its success. [The PC] was developed as a kind of skunkworks project that reported directly to the CEO of the company. And contrary to its corporate culture, it used off-the-shelf parts and software that the company didn’t write. Just how revolutionary was that for IBM?

James Cortada I cannot think of another time before then when IBM had done that. Prior to that time, they the bought a company that had something, a part or software or technology, or invented itself in its own research laboratories, which are always attached to company manufacturing facilities so they can make it manufacturable. So this is a complete departure. The reason it was done is that the IBM process for developing new equipment would take too long to get a PC out into the marketplace, and they needed to move quickly once that decision had been made and they could not do it with the existing process. So they needed a skunkworks. And that’s what Frank Cary, the chairman of the board, who ran the company, decided to do.

Steven Cherry Jim, those two factors—the skunkworks aspect and the off-the-shelf construction—also led to the downfall of IBM and the PC market. Eventually, the PC business got folded into the regular chain of command and business structures. And by using Microsoft’s operating system and Intel’s chips, without exclusive rights to them, the PC market came to be controlled by those two companies and it became a commodity business.

James Cortada It became a commodity business not only because of the chips and the operating system, but because other companies were able to put it all together at a lower cost than IBM. Once the PC business in IBM got folded into the main corporate structure, its costs of operating went up. So it’s nearly impossible to get the cost of manufacturing and sales down to a competitive level. And the marketplace also began to compete based on price. Because everybody had good machines.

Steven Cherry Selling businesses off when they became commodities is part of a pattern. It happened as well in 2002 when IBM sold its disk drive business to Hitachi at that time. This one unit was contributing to the company something like a third of its annual profits.

James Cortada The interesting thing about DASD [direct-access storage device] was IBM invented the disk drives in the mid-1950s and kept innovating that technology so fast that its product costs and what it could sell for remained very competitive for a very long time. But eventually, like everything else, it became a commodity, especially when computer chips dropped and cost to nothing. And so you could have a vast quantity of storage and minimal costs. Just look at your cell phone. So IBM decided that it’s better off with high profit items and not as well off with low profit items, even if it was still making a profit. So they decided to get out of that business and take the money that they would have otherwise spent on it on more profitable activities.

Steven Cherry US $2.6 billion from Lenovo for the PC business, $2 billion from Hitachi, with some downstream money as well. This is in sharp contrast to, say, Kodak, which when it finally sold off its film business in twenty thirteen, it was part of a bankruptcy reorganization. Similarly, GE sold off GE Capital for $26 billion after the 2008 finance and banking collapse, which is a far cry from a decade earlier, when it was worth ten times that.

James Cortada Timing is everything. What I can say about the PC and the DASD was the fact that they didn’t milk it for the very last dollar when they saw the handwriting on the wall. They knew from prior experience that you sell off that piece of the business before it’s not worth anything. And sometimes you have less than six months or a year in this industry to do that. But IBM sold these businesses off before it was too late, and that’s why it was able to gain a nice return.

The other thing that everybody overlooks, particularly with the PC business, is that it was a beautiful negotiation because it allowed IBM to enter the Chinese market in a way that China would have liked through an existing local company that was already trusted, Lenovo, and that knew how to get around and do stuff in China. So in addition to the cash transactions and transfer of people and ICAP, IBM gained access to a huge market.

Steven Cherry We’re speaking with historian Jim Cortada. When we come back, I’ll ask him to walk us through some of IBM’s most difficult moments, and to speculate about its uncertain future.

Fixing the Future is supported by COMSOL, the makers of COMSOL Multiphysics simulation software. Companies like the Manufacturing Technology Centre are revolutionizing the designs of additive manufactured parts by first building simulation apps from COMSOL models, allowing them to share their analyses with different teams and explore new manufacturing opportunities with their own customers. Learn more about simulation apps and find this and other case studies at comsol.com/blog/apps.

We’re back with my guest Jim Cortada, a senior research fellow at the University of Minnesota’s Charles Babbage Institute and author of a comprehensive corporate history of IBM.

Jim, I mentioned some of IBM’s big pivots—from tabulators to computers, from mainframes to PCs and servers, from hardware to services and consulting. In each case, the future of the entire company was at stake.

James Cortada That’s absolutely correct. When you leave—in a technology company—from one platform to another, one model business model to another, it’s very risky. Some people can do it well, others can’t. And IBM’s case, for example, when it got out of the tabulating business in the nineteen fifties, it had been in that business for a half century. And it owned it. Yet computers were clearly going to be displacing tabulating equipment. So IBM had to get it in the computer business, had to learn the technology had spent 10 years prior to that learning about the technology and participating in preliminary projects.

So when it started the transition to computers, it already knew a great deal about the subject as a question of timing, when to enter, how fast, what kind of configurations of equipment and all the basic blocking and tackling. It did that when they got into the services business in the 1980s and 1990s. Again, a very similar thing. You go from trying to sell a machines and software to selling pocking our brains, if you will, at X number of dollars per hour of consulting. Yet at the same time holding on to hardware and software sales as desirable. That, again, was a fundamental structural difference. But that had a decade of experience experimenting and learning. And even then it took in each case a decade to make the move.

Steven Cherry People don’t realize how risky these transitions are. Microsoft, for example, was late to the Internet and the Web and it almost killed the company. And then instead of learning from that experience, they were even later to the transition to mobile platforms, to cell phones and tablets.

James Cortada That’s correct. And all these companies periodically take a few years to learn how to do it. Well, first, they have to learn that they have to do it and accept it, because there are a lot of food fights within the company about whether we should go or not go. They all go through this. Then they have to learn how to do it and then they’ve got to go do it. And then convince everybody they did it. That’s Microsoft, that’s IBM. That’s all of them. Kodak failed.

Steven Cherry Jim, you were at IBM for one of these major transitions, which you describe as a corporate near-death experience. What was it like within the company to live and work through such a tumultuous period?

James Cortada Hah, you didn’t know, for example, or whether you’re going to get laid off. You didn’t know how to develop your career … should you continue along a traditional line that you had been in or start in another? And it was another … like in consulting—and I jumped into the consulting—I bet the consulting was going to grow. You had to learn a whole new profession.

So a lot of the things that you knew before did not necessarily play out. There was a lot of angst in the company about how do we do this, how do we take care of our customers, but also how do we take care of our profits and our revenue streams? Very delicate, very difficult to do. A lot of new people were brought in who did not understand IBM’s culture, and they had to learn how to deal with IBM. But at the same time, we had to figure out how to work with those folks. So they came from PWC, Arthur Andersen, on and on and on—all the all the majors. And that was very difficult to do. A lot of people didn’t make it.

Steven Cherry You were fortunate enough to spend some hours with Thomas Watson Jr. and talk with him about the initial transition from tabulators to computers. And of course, he wrote about that himself. How would you compare these two transitions—into computers on the one hand and away from computer hardware on the other?

James Cortada I would say the transition from tabulators to computers was harder, more radical. It basically required an entirely new set of technology. It required a whole new set of employees and a different business model because the revenue streams, the profit streams and so on were fundamentally different. The only thing that didn’t change was culture and the values of the company because they applied in both cases. In the case of the consulting business, the services business, IBM kept holding on to hardware, software and added consulting,

Steven Cherry IBM seemed like it was making another pivot with artificial intelligence. After winning a chess in jeopardy, it created a new division, Watson, and gave it enormous resources, especially in personnel and in marketing, even though it was pretty early to this market. It doesn’t seem like it could keep up with its competitors.

James Cortada I would argue that the company was slow to get into both cloud computing and artificial intelligence as both things were going on at the same time. And it’s the Jeopardy phenomenon you refer to. It was slow to both. And so now IBM is in a catch-up mode, particularly on the cloud side. But it has so much horsepower, so much talent on the artificial intelligence that a little bit of a drag on coming into the market has allowed it to shape a whole series of new product offerings that the others haven’t come up with, specifically industry-specific uses of artificial intelligence that played into IBM’s strength.

Steven Cherry Yeah, it is interesting to speculate, though, if the equivalent of Amazon Web services had been developed at IBM first, what would Amazon look like today and what would IBM look like?

James Cortada You know, it’s interesting because while I was at IBM, we had conversations about that. It wasn’t clear at the time how to do that because the Amazon formula was, “we’ll give cloud to anybody who wants it.” And we knew from prior experience that just being generic like that wasn’t going to work because your mother and my mother could show up and say, I want cloud computing. IBM can’t deal with small enterprises when it comes to a technology like that. It has to be for General Motors, Ford, and so on. That’s where its core strength is. So it wasn’t clear in the beginning whether that would work. Secondly, there was a lot of concern about, would people move into the cloud? Meaning that we would lose a lot of hardware, install-hardware sales, software sales. So the trade off there and nobody could quite figure out either in the industry or within IBM, but the specific cost could be as clearly as management would like. So it was fuzzy. So people kind of drag your feet a little bit. I’ll be honest,

Steven Cherry Jim, every company involved in information processing is a potential target of cyberattacks, cyberterrorism, even cyberwar. In a way, the firms we can’t afford to lose make up almost a litmus test of the most important companies. If we were to list them ourselves, it would surely include Google, Microsoft, Amazon, and Apple. Years ago, IBM would be at the top of that list. Would IBM still be on the list today?

James Cortada I believe it would be because a lot of the work that it does is behind the scenes in conference rooms and data centers that the public doesn’t see. You could go to the U.S. Department of Defense and have them put together a list and they would have on that list companies that you and I haven’t heard of. But when you ask them, well, what do they do? “Oh, yes, they definitely have to be on the list.”

IBM would be on the list because they do so much work to support the economic national infrastructure, not only in the United States, but of many, many countries. So it’s more than just the US plus also obviously its work with the military and NSA and all the other agencies. So, yeah, it would make the list. Remember IBM’s number one customer—largest customer for over a century—was the federal government, the U.S. federal government. And you and I will never know all the pieces of the business in there.

Steven Cherry I mentioned earlier GE; it was a Dow Jones company every decade of the 20th century—no other company can claim that. Yet if GE survives at all today, it will be as a much smaller firm with a much narrower mission. IBM as well keeps shrinking while its competitors are growing. In the book you note that over its long, illustrious history, IBM has generated over a trillion dollars in revenue. But that’s almost exactly the same revenue as Google—now Alphabet—in the mere 19 years from 2002 to 2020.

James Cortada Yes, but don’t judge companies simply by their revenue size. Judge them by the quality of the revenue—that is, profit. Who’s spending the money with them? IBM will be a smaller company, there’s no question about it. That doesn’t mean they’re going to be a poor company. Its profits are pretty high. Its cash flows are fabulous. It’s got a very strong balance sheet. I wouldn’t bet against IBM, but it’ll be a smaller company, there’s no question about it.

Steven Cherry Once again, my guest is historian Jim Cortada. When we come back, I’ll ask him about a surprisingly consistent pattern to each of IBM’s transitions.

But first I’d like to say how much we appreciate questions, comments, and suggestions from our listeners. For example, Chris A writes me after just about every energy-related show with thoughtful reflections that have enriched later shows. I can be reached by email at metaphor@ieee.org or on Twitter @fixthefuturepod. We also welcome your rating us, especially on Apple Podcasts and Spotify. And if you go to an episode’s page on the Spectrum website, you can comment there, subscribe to alerts of new episodes, and find links to the people, places, and ideas mentioned in the show.

We’re back with IBM veteran and historian Jim Cortada. Jim, you have a set of three graphs in the book that literally chart the three biggest transitions of IBM through the decades. Maybe you can describe it.

James Cortada The three major transitions from, if you will, a product and operation point of view is the creation and selling of tabulating equipment from the 1890s to the 1950s; the second major transition is the era of the mainframe and the PC and other hardware products, from the 1950s to the end of the 1980s; and then the current period of services, both managerial consulting processes and also operational services. And that’s the period that we’re in now. Within each one of those, obviously, you get generations of hardware, generations of services. So, for example, on the services umbrella, we did out-sourcing in the 1980s and process engineering in the 1990s. Now we’re doing a hybrid cloud security and the company is doing artificial intelligence work and what have you.

I lived from the transition from the mainframe into and through and up to the artificial intelligence period of IBM. These are graphed on the chart. However, I would also add that in each case, you have different types of employees, different types of skill sets, in some cases different types of customers as well. So we could have made a number of of charts like this, but they all have in common are a couple of messages.

Number one, the transitions took a long time. So when somebody tells you IBM transitioned within two or three years, that’s nonsense. It took a decade on average in each case. The second thing I would point out is it took its customers the same amount of time because they also had to transition simultaneously with IBM. That’s why. One did it and the other one did it, too, because of new technology, new forces in the marketplace. So you’ve got that additional transition.

What the charts don’t say, but it is in the text, is that the culture of the company to a large extent remained essentially the same until the 1990s when the company decided parts of its corporate culture had atrophied and needed significant remake. That is a new type of change that IBM is undergoing right now that is hugely different from what it had in the first hundred years.

Steven Cherry Jim, your book is 621 pages, not counting its notes and excellent index—not enough books have indexes these days. You spent hundreds of hours in IBM’s own archives with the privileged access of an employee. And yet I understand that you’re still learning more about IBM each day, in part due to social media. You’re getting a lot of interesting comments on the article in Spectrum, I understand.

James Cortada Yeah, let me explain how that works, which is kind of fun. You know, there are well over 10 000 retired IBM employees on various Facebook accounts. So when an article like this comes out, either on the System 360 or the PC, I make that article available to that community through the various websites. And of course, they immediately jump on it because most of those people had personal experiences with each of those items. Right.

And it’s amazing who comes out of the woodwork. Take the PC, which was announced in 1981. IBM had been working on that product for about 18 months. Well, obviously one of the things that you do when you’re bringing a new product is figure out, well, how many copies can I sell? Well, the guy who had to come up with that was on Facebook. And so when he read the article, he said, yeah, I love the article. Oh, by the way, I was the lead forecaster on the product. And he was a little sensitive because one of the things I said in the article was IBM grossly underestimated how many PCs would be sold because everybody wanted the PC. And the minute IBM announced it it was just off the charts. He came back with a little response saying, well, my bosses reduced the forecast. And he didn’t want to talk about it anymore. So there’s a mystery out there, but we wouldn’t have known any of that, right? Is this tantalizing—more research to be done as a result of that little comment?

Steven Cherry That’s fantastic. Well, Jim, it’s a remarkable story of a remarkable company, remarkably well told. Thanks for writing it and for joining us today.

James Cortada Thank you. It’s been a pleasure.

Steven Cherry We’ve been speaking with IBM veteran and Ph.D. historian James Cortada, author of the 2019 book IBM: The Rise and Fall and Reinvention of a Global Icon, about IBM’s glorious past, struggling present, and challenging future.

Fixing the Future is sponsored by COMSOL, makers of mathematical modeling software and a longtime supporter of IEEE Spectrum as a way to connect and communicate with engineers.

Fixing the Future is brought to you by IEEE Spectrum, the member magazine of the Institute of Electrical and Electronic Engineers, a professional organization dedicated to advancing technology for the benefit of humanity.

This interview was recorded July 21, 2021, on Adobe Audition via Skype, and edited in Audacity. Our theme music is by Chad Crouch.

You can subscribe to Fixing the Future on Spotify, Stitcher, Apple, and wherever else you get your podcasts, or listen on the Spectrum website, which also contains transcripts of all our episodes. We welcome your feedback on the web or in social media.

For Fixing the Future, I’m Steven Cherry.

Read More

Be the first to write a comment.

Leave a Reply

Your email address will not be published. Required fields are marked *

Microsoft

The Outer Worlds 2 is now $10 cheaper, as Obsidian details how to get a refund on your pre-order

If you click on a link and make a purchase we may receive a small commission. Read our editorial policy. The Outer Worlds 2 is now $10 cheaper, as Obsidian details how to get a refund on your pre-order Cash in hand. Image credit: Obsidian News by Connor Makar Staff Writer Published on July 23

If you click on a link and make a purchase we may receive a small commission. Read our editorial policy.

The Outer Worlds 2 is now $10 cheaper, as Obsidian details how to get a refund on your pre-order

Cash in hand.

A character in a leafy ghilli suit leaps over a platform towards the camera while being shot at from afar.
Image credit: Obsidian

The Outer Worlds 2, the upcoming sci-fi FPS by Obsidian Entertainment will now be sold at $70 dollars, rather than the planned $80. This follows a statement by Microsoft confirming the U-turn earlier today.

Those who have already purchased the game at the $80 price point on Steam will have the purchase refunded and re-bought at the lower figure. On Battle.net, those who pre-ordered the game will have their orders cancelled and refunded, and will have to re-buy the game. Those on Xbox and PlayStation will have the difference refunded in the upcoming days.

This announcement was made on The Outer Worlds official social media accounts, with a cute in-universe statement and graphic. On the official Obsidian website, further explanation on how the price change will affect those who’ve already spent money has been provided.

Cover image for YouTube videoThe Outer Worlds 2 – Official Gameplay Trailer

Watch the gameplay trailer

Read More

Continue Reading
Microsoft

Microsoft reverses $80 first-party price hike to keep “full priced holiday releases in line with current conditions”

If you click on a link and make a purchase we may receive a small commission. Read our editorial policy. Home News Microsoft reverses $80 first-party price hike to keep “full priced holiday releases in line with current conditions” Starting with The Outer Worlds 2 Image credit: Obsidian Entertainment News by Vikki Blake Contributor Published

If you click on a link and make a purchase we may receive a small commission. Read our editorial policy.

Microsoft reverses $80 first-party price hike to keep “full priced holiday releases in line with current conditions”

Starting with The Outer Worlds 2

Image credit: Obsidian Entertainment

Just weeks after confirming The Outer Worlds 2 will be the first Microsoft game to retail for $80, Microsoft has reversed the decision, revealing the highly-anticipated sequel will now launch for $69.99 in keeping with typical AAA pricing.

This will apply not just to The Outer Worlds 2, but indeed other “full priced holiday releases” launched across the period.

In a statement, a Microsoft spokesperson said Xbox was “focused on bringing players incredible worlds to explore, and will keep our full priced holiday releases, including The Outer Worlds 2, at $69.99, in line with current market conditions.”

On social media, developer Obsidian posted: “We have received your SOS via skip drone about the pricing. As an organization devoted to making sure that corporations do not go unfettered, we at the Earth Directorate have worked with [REDACTED] to revise the price of The Outer Worlds 2. While this will not bring peace to the galaxy, or even your local colony, we assure you all that we are here to fight for all colonies in every way that we can.”

Microsoft announced last month that The Outer Worlds 2 would be the first Xbox title to retail at $80 following Microsoft’s planned price rises in May.

“We understand that these changes are challenging, and th

Read More

Continue Reading
Microsoft

Coyote malware abuses Windows accessibility framework for data theft

A new variant of the banking trojan ‘Coyote’ has begun abusing a Windows accessibility feature, Microsoft’s UI Automation framework, to identify which banking and cryptocurrency exchange sites are accessed on the device for potential credential theft. …

A new variant of the banking trojan ‘Coyote’ has begun abusing a Windows accessibility feature, Microsoft’s UI Automation framework, to identify which banking and cryptocurrency exchange sites are accessed on the device for potential credential theft. …
Read More

Continue Reading
Microsoft

Microsoft Server Software Comes Under Widespread Cyberattack

Breadcrumb Trail Links Home PMN Business Share this Story : Microsoft Rushes to Stop Hackers from Wreaking Global Havoc Copy Link Email X Reddit Pinterest LinkedIn Tumblr Microsoft Rushes to Stop Hackers from Wreaking Global Havoc Hackers exploited a security flaw in common Microsoft Corp. software to breach governments, businesses and other organizations across the

Microsoft Rushes to Stop Hackers from Wreaking Global Havoc

Hackers exploited a security flaw in common Microsoft Corp. software to breach governments, businesses and other organizations across the globe and steal sensitive information, according to officials and cybersecurity researchers.

Article content

(Bloomberg) — Hackers exploited a security flaw in common Microsoft Corp. software to breach governments, businesses and other organizations across the globe and steal sensitive information, according to officials and cybersecurity researchers.

Article content

Microsoft over the weekend released a patch for the vulnerability in servers of the SharePoint document management software. The company said it was still working to roll out other fixes after warnings that hackers were targeting SharePoint clients, using the flaw to enter file systems and execute code.

Article content
Article content

Story continues below

Article content

Multiple different hackers are launching attacks through the Microsoft vulnerability, according to representatives of two cybersecurity firms, CrowdStrike Holdings, Inc. and Google’s Mandiant Consulting.

Article content
Article content

Hackers have already used the flaw to break into the systems of national governments in Europe and the Middle East, according to a person familiar with the matter. In the US, they’ve accessed government systems, including ones belonging to the US Department of Education, Florida’s Department of Revenue and the Rhode Island General Assembly, said the person, who spoke on condition that they not be identified discussing the sensitive information.

Article content

Representatives of the Department of Education and Rhode Island legislature didn’t respond to calls and emails seeking comment Monday. A Florida Department of Revenue spokesperson, Bethany Wester Cutillo, said in an email that the SharePoint vulnerability is being investigated “at multiple levels of government” but that the state agency “does not comment publicly on the software we use for operations.”

Article content

Story continues below

Article content

The hackers also breached the systems of a US-based health-care provider and targeted a public university in Southeast Asia, according to a report from a cybersecurity firm reviewed by Bloomberg News. The report doesn’t identify either entity by name, but says the hackers have attempted to breach SharePoint servers in countries including Brazil, Canada, Indonesia, Spain, South Africa, Switzerland, the UK and the US. The firm asked not to be named because of the sensitivity of the information. 

Article content

In some systems they’ve broken into, the hackers have stolen sign-in credentials, including usernames, passwords, hash codes and tokens, according to a person familiar with the matter, who also spoke on condition that they not be identified discussing the sensitive information.

Article content

“This is a high-severity, high-urgency threat,” said Michael Sikorski, chief technology officer and head of threat intelligence for Unit 42 at Palo Alto Networks Inc. 

Article content

“What makes this especially concerning is SharePoint’s deep integration with Microsoft’s platform, including their services like Office, Teams, OneDrive and Outlook, which has all the information valuable to an attacker,” he said. “A compromise doesn’t stay contained—it opens the door to the entire network.” 

Article content

(Bloomberg) — Hackers exploited a security flaw in common Microsoft Corp. software to breach governments, businesses and other organizations across the globe and steal sensitive information, according to officials and cybersecurity researchers.

Article content

Microsoft over the weekend released a patch for the vulnerability in servers of the SharePoint document management software. The company said it was still working to roll out other fixes after warnings that hackers were targeting SharePoint clients, using the flaw to enter file systems and execute code.

Article content
Article content

Story continues below

Article content

Multiple different hackers are launching attacks through the Microsoft vulnerability, according to representatives of two cybersecurity firms, CrowdStrike Holdings, Inc. and Google’s Mandiant Consulting.

Article content
Article content

Hackers have already used the flaw to break into the systems of national governments in Europe and the Middle East, according to a person familiar with the matter. In the US, they’ve accessed government systems, including ones belonging to the US Department of Education, Florida’s Department of Revenue and the Rhode Island General Assembly, said the person, who spoke on condition that they not be identified discussing the sensitive information.

Article content

Representatives of the Department of Education and Rhode Island legislature didn’t respond to calls and emails seeking comment Monday. A Florida Department of Revenue spokesperson, Bethany Wester Cutillo, said in an email that the SharePoint vulnerability is being investigated “at multiple levels of government” but that the state agency “does not comment publicly on the software we use for operations.”

Article content

Story continues below

Article content

The hackers also breached the systems of a US-based health-care provider and targeted a public university in Southeast Asia, according to a report from a cybersecurity firm reviewed by Bloomberg News. The report doesn’t identify either entity by name, but says the hackers have attempted to breach SharePoint servers in countries including Brazil, Canada, Indonesia, Spain, South Africa, Switzerland, the UK and the US. The firm asked not to be named because of the sensitivity of the information. 

Article content

In some systems they’ve broken into, the hackers have stolen sign-in credentials, including usernames, passwords, hash codes and tokens, according to a person familiar with the matter, who also spoke on condition that they not be identified discussing the sensitive information.

Article content

“This is a high-severity, high-urgency threat,” said Michael Sikorski, chief technology officer and head of threat intelligence for Unit 42 at Palo Alto Networks Inc. 

Article content

“What makes this especially concerning is SharePoint’s deep integration with Microsoft’s platform, including their services like Office, Teams, OneDrive and Outlook, which has all the information valuable to an attacker,” he said. “A compromise doesn’t stay contained—it opens the door to the entire network.” 

Advertisement 2
Advertisement
Article content

Tens of thousands — if not hundreds of thousands — of businesses and institutions worldwide use SharePoint in some fashion to store and collaborate on documents. Microsoft said that attackers are specifically targeting clients running SharePoint servers from their own on-premise networks, as opposed to being hosted and managed by the tech firm. That could limit the impact to a subsection of customers.

Article content

A Microsoft spokesperson declined to comment beyond an earlier statement.

Article content

“It’s a dream for ransomware operators,” said Silas Cutler, a researcher at Michigan-based cybersecurity firm Censys. He estimated that more than 10,000 companies with SharePoint servers were at risk. The US had the largest number of such firms, followed by the Netherlands, the UK and Canada, he said. 

Article content

The breaches have drawn new scrutiny to Microsoft’s efforts to shore up its cybersecurity after a series of high-profile failures. The firm has hired executives from places like the US government and holds weekly meetings with senior executives to make its software more resilient. The company’s tech has been subject to several widespread and damaging hacks in recent years, and a 2024 US government report described the company’s security culture as in need of urgent reforms.

Article content

Story continues below

Article content

The Center for Internet Security, which operates a cybersecurity information sharing system for state and local governments in the US, found more than 1,100 servers that are at risk from the SharePoint vulnerability, said Randy Rose, the organization’s vice president of security operations and intelligence. Rose said more than 100 were likely hacked.

Article content

The Washington Post reported that the breach had affected US federal and state agencies, universities, energy companies and an Asian telecommunications company, citing state officials and private researchers.

Article content

Eye Security was the first to identify that attackers were actively exploiting the vulnerabilities in a wave of cyberattacks that began on Friday, said Vaisha Bernard, the company’s chief hacker and co-owner.

Article content

Eye Security said the vulnerability allows hackers to access SharePoint servers and steal keys that can let them impersonate users or services even after the server is patched. It said hackers can maintain access through backdoors or modified components that can survive updates and reboots of systems.

Article content

Story continues below

Article content

The SharePoint vulnerabilities, known as “ToolShell,” were first identified in May by researchers at a Berlin cybersecurity conference. In early July, Microsoft issued patches to fix the security holes, but hackers found another way in.

Article content

“There were ways around the patches,” which enabled hackers to break into SharePoint servers by tapping into similar vulnerabilities, said Bernard. “That allowed these attacks to happen.” The intrusions, he said, were not targeted and instead were aimed at compromising as many victims as possible. After scanning about 8,000 SharePoint servers, Bernard said he has so far identified at least 50 that were successfully compromised.

Article content

He declined to identify the identity of organizations that had been targeted, but said they included government agencies and private companies, including “bigger multinationals.” The victims were located in countries in North and South America, the EU, South Africa, and Australia, he added.

Article content
Article content

—With assistance from Lynn Doan, Cameron Fozi, Daniel Cancel, Aashna Shah, Jane Lanhee Lee and Patrick Howell O’Neill.

Article content

(Updates with additional information beginning in third paragraph.)

Article content

Comments
You must be logged in to join the discussion or read more comments.
Create an AccountSign in
Join the Conversation

Postmedia is committed to maintaining a lively but civil forum for discussion. Please keep comments relevant and respectful. Comments may take up to an hour to appear on the site. You will receive an email if there is a reply to your comment, an update to a thread you follow or if a user you follow comments. Visit our Community Guidelines for more information.

Read More

Continue Reading