|Bid||19.59 x 800|
|Ask||19.60 x 900|
|Day's Range||18.96 - 19.69|
|52 Week Range||7.54 - 25.53|
|Beta (5Y Monthly)||1.16|
|PE Ratio (TTM)||N/A|
|Earnings Date||Apr 26, 2021 - Apr 30, 2021|
|Forward Dividend & Yield||N/A (N/A)|
|1y Target Est||22.58|
(Bloomberg) -- A bipartisan group of senators on Tuesday recommended that the U.S. consider requiring companies to disclose when they have been hacked.At the first public hearing before Congress since a massive cyber-attack by suspected Russian hackers was disclosed in December, Senate Intelligence Committee Chairman Mark Warner, a Democrat, was joined by the vice chairman of the committee, Republican Senator Marco Rubio, in calling for the measure. Several others, including Senator Angus King, an independent, also voiced their support, as did several of the tech executives who were testifying.There is currently no federal data breach notification law.“It is time, not only to talk about, but to find a way to take action to impose in an appropriate manner, some kind of notification obligation on entities in the private sector,” said Microsoft Corp. President Brad Smith. “I think it is the only way we’re going to protect the country, and I think it is the only way we’re going to protect the world.”FireEye Inc. Chief Executive Officer Kevin Mandia said he supported a requirement that companies notify an appropriate government agency about being hacked. But he urged that it be confidential, to encourage companies to participate amid liability concerns.The hearing before Warner’s committee on Tuesday included Sudhakar Ramakrishna, the CEO of SolarWinds Corp. -- the Texas-based software firm that the hackers compromised as part of the attack. He told the committee that the tool hackers used to compromise the company’s software “poses a grave risk of automated supply chain attacks” across the software industry.The senators mostly used a light touch in questioning Ramakrishna -- who started at SolarWinds in January after the hack was disclosed -- about his company’s responsibility in the massive cyber-attack. He said his company is investigating three possible ways the attackers may have used to gain access to the company’s networks but haven’t reached a conclusion.The senators were much tougher on Amazon Web Services for not appearing at the hearing despite an invitation. According to SolarWinds, its Orion software platform -- which was compromised by the hackers -- could be deployed by customers on AWS among other cloud platforms.“The operation we will be discussing today used their infrastructure, at least in part,” Rubio said. “Apparently they were too busy to discuss that here today.”Amazon.com Inc. didn’t immediately respond to a request for comment.The hackers responsible for the incident inserted malicious code into SolarWinds’s software, which was delivered to as many as 18,000 customers through software updates, though fewer are believed to have been targeted with additional hacking.The White House has confirmed that the hackers leveraged this access to breach more than 100 companies and nine U.S. agencies with follow-on hacking aimed at espionage.Mandia, of FireEye, said the attackers were “exceptionally hard to detect.” He added that the hackers appeared to be highly concerned with remaining hidden. “The minute you could detect these folks and stopped them breaking through the door, they sort of evaporated like ghosts until their next operation.”FireEye discovered the hacking campaign while investigating a breach of its own networks. Mandia said in his prepared remarks that the company found an intrusion in late November and determined that a third-party had accessed their network without authorization. FireEye disclosed the cyber-attack in December.Smith told the committee that Microsoft’s threat hunters and engineers analyzed the attack and estimated there were 1,000 developers who worked on the attack. “It is the largest and most sophisticated operation of this sort that we’ve seen,” he said.Another witness at the hearing, George Kurtz, the co-founder and CEO of Crowdstrike, the cybersecurity firm hired by SolarWinds for incident response, called for improvements to federal cybersecurity. He said old computer systems and compliance rules “detract from their core security work.”While a mandatory data breach notification law is one mechanism by which Congress could improve U.S. cybersecurity, the prospects of passing such a law in 2021 are slim given competing Covid-19 relief priorities, according to Dominique Shelton Leipzig, a privacy and cybersecurity attorney at Perkins Coie LLP.“Realistically, the chances of getting a federal omnibus privacy and data security law are looking more likely to happen next year,” she said.Businesses want a federal law since they currently have to comply with differing data breach notification laws in all 50 states, she said. “This is the perfect example where companies are calling out for guidance both on the privacy and data security side,” she said.(Updates with additional details beginning in second paragraph.)For more articles like this, please visit us at bloomberg.comSubscribe now to stay ahead with the most trusted business news source.©2021 Bloomberg L.P.
A cyberespionage campaign waged by Russian foreign intelligence on U.S. companies and government institutions was of a scale and sophistication never before seen, technology executives told the Senate Select Committee on Intelligence on Tuesday.
SolarWinds Corp (NYSE: SWI) CEO Sudhakar Ramakrishna, Microsoft Corp (NASDAQ: MSFT) President Brad Smith, FireEye Inc (NASDAQ: FEYE) CEO Kevin Mandia, and CrowdStrike Holdings Inc (NASDAQ: CRWD) CEO George Kurtz are expected to defend themselves to the Senate over a set of interruptions that have enabled alleged Russian spies to wreak havoc across American networks, compromising nine federal agencies and 100 private-sector companies, Reuters reports. The CEOs will debate over mandatory transparency against the most avoidable topic of cyberespionage. FireEye was the first company to detect hackers. SolarWinds’ software was breached to break into a host of other organizations. CrowdStrike is assisting SolarWinds to recover from the breach. The exact scope of the breach is wider than estimated as different company executives try to keep their role in the cyberespionage campaign a secret. Microsoft has urged cyberattack victims to share information towards the resolution of the threat. A Russian government hacker group named APT29 or Cozy Bear was allegedly responsible for the attack last year. The hack was hard to perceive and difficult to undo as per the Cybersecurity and Infrastructure Security Agency. Microsoft admitted that malicious software in its system with certain Microsoft Azure cloud services systems might have been compromised. The company also confirmed the removal of malicious Solar Winds binaries from their environment. The hack could not have come at a worse time than when the U.S. government was battling increased online vulnerability, with most officials working from home amidst the pandemic and accessing sensitive applications and data from global endpoints. Price action: On the last check Tuesday, SWI shares are down 3.38% at $15.45, MSFT shares are down 0.92% at $232.38, FEYE shares are down 4.78% at $19.54, and CRWD shares are down 4.92% at $214.71. See more from BenzingaClick here for options trades from BenzingaIBM Contemplates Watson Health Business Divestment To Focus On Cloud: WSJCrowdStrike To Acquire XDR Company Humio For 0M© 2021 Benzinga.com. Benzinga does not provide investment advice. All rights reserved.