Microsoft (NASDAQ:MSFT) is in a tight spot after hackers slipped into its SharePoint servers and hit about 400 agencies and firms worldwide. Eye Security first raised the alarm last week when it found victims in the US, Mauritius, Jordan, South Africa and the Netherlands.
In a Wednesday blog Microsoft said its expanded analysis shows a group called Storm?2603 is now planting ransomware that freezes networks until a crypto payout. The National Nuclear Security Administration and NIH were among the targets, and South Africa’s National Treasury confirmed it found malware but kept core systems online.
On Tuesday Microsoft warned that Chinese?linked hackers have been exploiting unpatched SharePoint software, turning what began as cyberespionage into a broader threat just as US?China tensions flare. US Treasury Secretary Scott Bessent plans to raise the breach at next week’s Stockholm trade talks, highlighting how geopolitics now overlaps with cybersecurity.
Analysts note this episode shows the risk of legacy on?premise tools and push firms toward cloud?native collaboration. Morgan Stanley’s (NYSE:MS) tech team even forecasts a 15% jump in security service revenues next quarter, which may boost cloud providers.
Customer trust in MSFT will hinge on how quickly it locks down SharePoint. Investors will eye Microsoft’s next security patch due in late August.
This article first appeared on GuruFocus.
