azure

FTC to launch investigation into Microsoft’s cloud business

antitrust, azure, microsoft, Policy, syndication / Kris Guyer / November 15, 2024

The FTC also highlighted fees charged on users transferring data out of certain cloud systems and minimum spend contracts, which offer discounts to companies in return for a set level of spending.

Microsoft has also attracted scrutiny from international regulators over similar matters. The UK’s Competition and Markets Authority is investigating Microsoft and Amazon after its fellow watchdog Ofcom found that customers complained about being “locked in” to a single provider, which offers discounts for exclusivity and charge high “egress fees” to leave.

In the EU, Microsoft has avoided a formal probe into its cloud business after agreeing to a multimillion-dollar deal with a group of rival cloud providers in July.

The FTC in 2022 sued to block Microsoft’s $75 billion acquisition of video game maker Activision Blizzard over concerns the deal would harm competitors to its Xbox consoles and cloud-gaming business. A federal court shot down an attempt by the FTC to block it, which is being appealed. A revised version of the deal in the meantime closed last year following its clearance by the UK’s CMA.

Since its inception 20 years ago, cloud infrastructure and services has grown to become one of the most lucrative business lines for Big Tech as companies outsource their data storage and computing online. More recently, this has been turbocharged by demand for processing power to train and run artificial intelligence models.

Spending on cloud services soared to $561 billion in 2023 with market researcher Gartner forecasting it will grow to $675 billion this year and $825 billion in 2025. Microsoft has about a 20 percent market share over the global cloud market, trailing leader Amazon Web Services that has 31 percent, but almost double the size of Google Cloud at 12 percent.

There is fierce rivalry between the trio and smaller providers. Last month, Microsoft accused Google of running “shadow campaigns” seeking to undermine its position with regulators by secretly bankrolling hostile lobbying groups.

Microsoft also alleged that Google tried to derail its settlement with EU cloud providers by offering them $500 million in cash and credit to reject its deal and continue pursuing litigation.

The FTC and Microsoft declined to comment.

FTC to launch investigation into Microsoft’s cloud business Read More »

Microsoft reports big profits amid massive AI investments

Activision, AI, azure, earnings, microsoft, Tech / Rejus Almole / October 30, 2024

Microsoft reported quarterly earnings that impressed investors and showed how resilient the company is even as it spends heavily on AI.

Some investors have been uneasy about the company’s aggressive spending on AI, while others have demanded it. During this quarter, Microsoft reported that it spent $20 billion on capital expenditures, nearly double what it had spent during the same quarter last year.

However, the company satisfied both groups of investors, as it revealed it has still been doing well in the short term amid those long-term investments. The fiscal quarter, which covered July through September, saw overall sales rise 16 percent year over year to $65.6 billion. Despite all that AI spending, profits were up 11 percent, too.

The growth was largely driven by Azure and cloud services, which saw a 33 percent increase in revenue. The company attributed 12 percent of that to AI-related products and services.

Meanwhile, Microsoft’s gaming division continued to challenge long-standing assumptions that hardware is king, with Xbox content and services posting 61 percent increased year-over-year revenue despite a 29 percent drop in hardware sales.

Microsoft has famously been inching away from the classic strategy of keeping software and services exclusive to its hardware, launching first-party games like Sea of Thieves not just on PC but on the competing PlayStation 5 console from Sony. Compared to the Xbox, the PlayStation is dominant in sales and install base for this generation.

But don’t make the mistake of assuming that a 61 percent jump in content and services revenue is solely because Microsoft’s Game Pass subscription service is taking off. The company attributed 53 points of that to the recent $69 billion Activision acquisition.

Microsoft reports big profits amid massive AI investments Read More »

CrowdStrike fixes start at “reboot up to 15 times” and get more complex from there

azure, Biz & IT, BSOD, Crowdstrike, microsoft, microsoft azure, Tech / Paul Patrick / July 19, 2024

turning it off and back on again, and again, and again —

Admins can also restore backups or manually delete CrowdStrike’s buggy driver.

Andrew Cunningham – Jul 19, 2024 3: 43 pm UTC

Airlines, payment processors, 911 call centers, TV networks, and other businesses have been scrambling this morning after a buggy update to CrowdStrike’s Falcon security software caused Windows-based systems to crash with a dreaded blue screen of death (BSOD) error message.

We’re updating our story about the outage with new details as we have them. Microsoft and CrowdStrike both say that “the affected update has been pulled,” so what’s most important for IT admins in the short term is getting their systems back up and running again. According to guidance from Microsoft, fixes range from annoying but easy to incredibly time-consuming and complex, depending on the number of systems you have to fix and the way your systems are configured.

Microsoft’s Azure status page outlines several fixes. The first and easiest is simply to try to reboot affected machines over and over, which gives affected machines multiple chances to try to grab CrowdStrike’s non-broken update before the bad driver can cause the BSOD. Microsoft says that some of its customers have had to reboot their systems as many as 15 times to pull down the update.

Enlarge / Early guidance for fixing the CrowdStrike bug is simply to reboot systems over and over again so that they can try to grab a non-broken update.

Microsoft

If rebooting doesn’t work

If rebooting multiple times isn’t fixing your problem, Microsoft recommends restoring your systems using a backup from before 4: 09 UTC on July 18 (just after midnight on Friday, Eastern time), when CrowdStrike began pushing out the buggy update. Crowdstrike says a reverted version of the file was deployed at 5: 27 UTC.

If these simpler fixes don’t work, you may need to boot your machines into Safe Mode so you can manually delete the file that’s causing the BSOD errors. For virtual machines, Microsoft recommends attaching the virtual disk to a known-working repair VM so the file can be deleted, then reattaching the virtual disk to its original VM.

The file in question is a CrowdStrike driver located at Windows/System32/Drivers/CrowdStrike/C-00000291*.sys. Once it’s gone, the machine should boot normally and grab a non-broken version of the driver.

Deleting that file on each and every one of your affected systems individually is time-consuming enough, but it’s even more time-consuming for customers using Microsoft’s BitLocker drive encryption to protect data at rest. Before you can delete the file on those systems, you’ll need the recovery key that unlocks those encrypted disks and makes them readable (normally, this process is invisible, because the system can just read the key stored in a physical or virtual TPM module).

This can cause problems for admins who aren’t using key management to store their recovery keys, since (by design!) you can’t access a drive without its recovery key. If you don’t have that key, Cryptography and infrastructure engineer Tony Arcieri on Mastodon compared this to a “self-inflicted ransomware attack,” where an attacker encrypts the disks on your systems and withholds the key until they get paid.

And even if you do have a recovery key, your key management server might also be affected by the CrowdStrike bug.

We’ll continue to track recommendations from Microsoft and CrowdStrike about fixes as each company’s respective status pages are updated.

“We understand the gravity of the situation and are deeply sorry for the inconvenience and disruption,” wrote CrowdStrike CEO George Kurtz on X, formerly Twitter. “We are working with all impacted customers to ensure that systems are back up and they can deliver the services their customers are counting on.”

CrowdStrike fixes start at “reboot up to 15 times” and get more complex from there Read More »

Microsoft ties executive pay to security following multiple failures and breaches

azure, Biz & IT, microsoft, midnight blizzard, security breach, storm-0558, Tech / Paul Patrick / May 4, 2024

lock it down —

Microsoft has been criticized for “preventable” failures and poor communication.

Andrew Cunningham – May 3, 2024 8: 25 pm UTC

It’s been a bad couple of years for Microsoft’s security and privacy efforts. Misconfigured endpoints, rogue security certificates, and weak passwords have all caused or risked the exposure of sensitive data, and Microsoft has been criticized by security researchers, US lawmakers, and regulatory agencies for how it has responded to and disclosed these threats.

The most high-profile of these breaches involved a China-based hacking group named Storm-0558, which breached Microsoft’s Azure service and collected data for over a month in mid-2023 before being discovered and driven out. After months of ambiguity, Microsoft disclosed that a series of security failures gave Storm-0558 access to an engineer’s account, which allowed Storm-0558 to collect data from 25 of Microsoft’s Azure customers, including US federal agencies.

In January, Microsoft disclosed that it had been breached again, this time by Russian state-sponsored hacking group Midnight Blizzard. The group was able “to compromise a legacy non-production test tenant account” to gain access to Microsoft’s systems for “as long as two months.”

All of this culminated in a report (PDF) from the US Cyber Safety Review Board, which castigated Microsoft for its “inadequate” security culture, its “inaccurate public statements,” and its response to “preventable” security breaches.

To attempt to turn things around, Microsoft announced something it called the “Secure Future Initiative” in November 2023. As part of that initiative, Microsoft today announced a series of plans and changes to its security practices, including a few changes that have already been made.

“We are making security our top priority at Microsoft, above all else—over all other features,” wrote Microsoft Security Executive Vice President Charlie Bell. “We’re expanding the scope of SFI, integrating the recent recommendations from the CSRB as well as our learnings from Midnight Blizzard to ensure that our cybersecurity approach remains robust and adaptive to the evolving threat landscape.”

As part of these changes, Microsoft will also make its Senior Leadership Team’s pay partially dependent on whether the company is “meeting our security plans and milestones,” though Bell didn’t specify how much executive pay would be dependent on meeting those security goals.

Microsoft’s post describes three security principles (“secure by design,” “secure by default,” and “secure operations”) and six “security pillars” meant to address different weaknesses in Microsoft’s systems and development practices. The company says it plans to secure 100 percent of all its user accounts with “securely managed, phishing-resistant multifactor authentication,” enforce least-privilege access across all applications and user accounts, improve network monitoring and isolation, and retain all system security logs for at least two years, among other promises. Microsoft is also planning to put new deputy Chief Information Security Officers on different engineering teams to track their progress and report back to the executive team and board of directors.

As for concrete fixes that Microsoft has already implemented, Bell writes that Microsoft has “implemented automatic enforcement of multifactor authentication by default across more than 1 million Microsoft Entra ID tenants within Microsoft,” removed 730,000 old and/or insecure apps “to date across production and corporate tenants,” expanded its security logging, and adopted the Common Weakness Enumeration (CWE) standard for its security disclosures.

In addition to Bell’s public security promises, The Verge has obtained and published an internal memo from Microsoft CEO Satya Nadella that re-emphasizes the company’s publicly stated commitment to security. Nadella also says that improving security should be prioritized over adding new features, something that may affect the constant stream of tweaks and changes that Microsoft releases for Windows 11 and other software.

“The recent findings by the Department of Homeland Security’s Cyber Safety Review Board (CSRB) regarding the Storm-0558 cyberattack, from summer 2023, underscore the severity of the threats facing our company and our customers, as well as our responsibility to defend against these increasingly sophisticated threat actors,” writes Nadella. “If you’re faced with the tradeoff between security and another priority, your answer is clear: Do security. In some cases, this will mean prioritizing security above other things we do, such as releasing new features or providing ongoing support for legacy systems.”

Microsoft ties executive pay to security following multiple failures and breaches Read More »

Alleged cryptojacking scheme consumed $3.5M of stolen computing to make just $1M

AWS, azure, Biz & IT, Cloud Computing, cryptojacking, Security / Paul Patrick / April 15, 2024

SHOCKING CRYPTOCURRENCY SCAM —

Indictment says man tricked cloud providers into giving him services he never paid for.

Dan Goodin – Apr 15, 2024 7: 46 pm UTC

Federal prosecutors indicted a Nebraska man on charges he perpetrated a cryptojacking scheme that defrauded two cloud providers—one based in Seattle and the other in Redmond, Washington—out of $3.5 million.

The indictment, filed in US District Court for the Eastern District of New York and unsealed on Monday, charges Charles O. Parks III—45 of Omaha, Nebraska—with wire fraud, money laundering, and engaging in unlawful monetary transactions in connection with the scheme. Parks has yet to enter a plea and is scheduled to make an initial appearance in federal court in Omaha on Tuesday. Parks was arrested last Friday.

Prosecutors allege that Parks defrauded “two well-known providers of cloud computing services” of more than $3.5 million in computing resources to mine cryptocurrency. The indictment says the activity was in furtherance of a cryptojacking scheme, a term for crimes that generate digital coin through the acquisition of computing resources and electricity of others through fraud, hacking, or other illegal means.

Details laid out in the indictment underscore the failed economics involved in the mining of most cryptocurrencies. The $3.5 million of computing resources yielded roughly $1 million worth of cryptocurrency. In the process, massive amounts of energy were consumed.

Parks’ scheme allegedly used a variety of personal and business identities to register “numerous accounts” with the two cloud providers and in the process acquiring vast amounts of computing processing power and storage that he never paid for. Prosecutors said he tricked the providers into allotting him elevated levels of services and deferred billing accommodations and deflected the providers’ inquiries regarding questionable data usage in unpaid bills. He allegedly then used those resources to mine Ether, Litecoin, and Monero digital currencies.

The defendant then allegedly laundered the proceeds through cryptocurrency exchanges, an NFT marketplace, an online payment provider, and traditional bank accounts in an attempt to disguise the illegal scheme. Once proceeds had been converted to dollars, Parks allegedly bought a Mercedes-Benz, jewelry, first-class hotel and travel accommodations, and other luxury goods and services.

From January to August 2021, prosecutors allege, Parks created five accounts with the Seattle-based “on-demand cloud computing platform” using different names, email addresses, and corporate affiliations. He then allegedly “tricked and defrauded” employees of the platform into providing elevated levels of service, deferring billing payments, and failing to discover the activity.

During this time, Parks repeatedly requested that the provider “provide him access to powerful and expensive instances that included graphics processing units used for cryptocurrency mining and launched tens of thousands of these instances to mine cryptocurrency, employing mining software applications to facilitate the mining of tokens including ETH, LTC and XMR in various mining pools, and employing tools that allowed him to maximize cloud computing power and monitor which instances were actively mining on each mining pool,” prosecutors wrote in the indictment.

Within a day of having one account suspended for nonpayment and fraudulent activity, Parks allegedly used a new account with the provider. In all, Parks allegedly consumed more than $2.5 million of the Seattle-based provider’s services.

The prosecutors went on to allege that Parks used similar tactics to defraud the Redmond provider of more than $969,000 in cloud computing and related services.

Prosecutors didn’t say precisely how Parks was able to trick the providers into giving him elevated services, deferring unpaid payments, or failing to discover the allegedly fraudulent behavior. They also didn’t identify either of the cloud providers by name. Based on the details, however, they are almost certainly Amazon Web Services and Microsoft Azure. Representatives from both providers didn’t immediately return emails seeking confirmation.

If convicted on all charges, Parks faces as much as 30 years in prison.

Alleged cryptojacking scheme consumed $3.5M of stolen computing to make just $1M Read More »

Microsoft Releases Initial Azure Cloud Rendering Support for Quest 2 & Quest Pro

azure, Cloud Computing, cloud computing microsoft vr, cloud gaming, cloud rendering, microsoft, microsoft ar, microsoft azure, Microsoft Hololens, Microsoft HoloLens Compatible, microsoft vr, News / Rejus Almole / June 26, 2023

Microsoft announced it’s released a public preview of Azure Remote Rendering support for Meta Quest 2 and Quest Pro, something that promises to allow devs to render complex 3D content in the cloud and stream it to those VR headsets in real-time.

Azure Remote Rendering, which already supports desktop and the company’s AR headset HoloLens 2, notably uses a hybrid rendering approach to combine remotely rendered content with locally rendered content.

Now supporting Quest 2 and Quest Pro, developers are able to integrate Microsoft’s Azure cloud rendering capabilities to do things like view large and complex models on Quest.

Microsoft says in a developer blog post that one such developer Fracture Reality has already integrated Azure Remote Rendering into its JoinXR platform, enhancing its CAD review and workflows for engineering clients.

Image courtesy Microsoft, Fracture Reality

The JoinXR model above was said to take 3.5 minutes to upload and contains 12.6 million polygons and 8K images.

While streaming XR content from the cloud isn’t a new phenomenon—Nvidia initially released its own CloudXR integration for AWS, Microsoft Azure, and Google Cloud in 2021—Microsoft offering direct integration is a hopeful sign that the company hasn’t given up on VR, and is actively looking to bring enterprise deeper into the fold.

If you’re looking to integrate Azure’s cloud rendering tech into your project, check out Microsoft’s step-by-step guide here.

Microsoft Releases Initial Azure Cloud Rendering Support for Quest 2 & Quest Pro Read More »