At least 30,000 US organizations, including local governments, have been hacked in the past few days by an “unusually aggressive” Chinese cyberespionage campaign, a computer security specialist said.
The campaign has exploited recently discovered flaws in Microsoft Exchange software, stealing e-mails and infecting computer servers with tools that allow attackers to take control remotely, Brian Krebs said in a post on his cybersecurity news Web site.
“This is an active threat,” White House spokeswoman Jennifer Psaki said when asked about the situation during a press briefing.
Photo: Reuters
“Everyone running these servers needs to act now to patch them. We are concerned that there are a large number of victims,” she added.
After Microsoft released patches for the vulnerabilities on Tuesday, attacks “dramatically stepped up” on servers not yet updated with security fixes, said Krebs, who cited unnamed sources familiar with the situation.
“At least 30,000 organizations across the United States — including a significant number of small businesses, towns, cities and local governments — have over the past few days been hacked by an unusually aggressive Chinese cyberespionage unit that’s focused on stealing e-mail from victim organizations,” Krebs wrote in the post.
He reported that insiders said hackers have “seized control” of thousands of computer systems around the world using password-protected software tools slipped into systems.
Microsoft said early this week that a state-sponsored hacking group operating out of China is exploiting previously unknown security flaws in its Exchange e-mail services to steal data from business users.
The company said that the hacking group, which it has named “Hafnium,” is a “highly skilled and sophisticated actor.”
Hafnium has in the past targeted US-based companies, including infectious disease researchers, law firms, universities, defense contractors, think tanks and non-governmental organizations.
In a blog post on Tuesday, Microsoft executive Tom Burt said the company had released updates to fix the security flaws, which apply to on-premises versions of the software rather than cloud-based versions, and urged customers to apply them.
“We know that many nation-state actors and criminal groups will move quickly to take advantage of any unpatched systems,” he added at the time.
Microsoft said the group was based in China, but operated through leased virtual private servers in the US, and that it had briefed the US government.
Beijing has previously hit back at US accusations of state-sponsored cybertheft. Last year, it accused Washington of a smear campaign, following allegations that Chinese hackers were attempting to steal COVID-19 research.
In January, US intelligence and law enforcement agencies said that Russia was probably behind the massive SolarWinds hack that shook the government and corporate security, contradicting then-US president Donald Trump, who had suggested that China could be to blame.
Microsoft said that the Hafnium attacks “were in no way connected to the separate SolarWinds-related attacks.”
Taiwan aims to open 18 representative offices and seven Taiwan Tourism Information Centers worldwide by next year to attract international visitors, the Tourism Administration said on Saturday. The agency has so far opened three representative offices abroad this year and would open two more before the end of the year, it said. It has also already opened information centers in Jakarta, Mumbai and Paris, and is to open one in Vancouver next month and in Manila in December, it said. Next year, it would also open offices in Amsterdam, Dubai and Sydney, it added. While the Cabinet did not mention international tourists in its
EYES AT SEA: Many marine enthusiasts have expressed interest in volunteering for coastal patrols, which would help identify stowaways and illegal fishing, the CGA said Six thousand coastal patrol volunteers are to be recruited for 159 inspection offices to enhance the nation’s response to “gray zone” conflicts, Coast Guard Administration (CGA) sources said yesterday. Volunteer teams would be established to increase the resilience of coastal defense systems in the wake of two unlawful entries attempted by Chinese over the past three months, Ocean Affairs Council Minister Kuan Bi-ling (管碧玲) said. A former Chinese navy captain drove a motorboat into the Tamsui River (淡水河) in Taipei on the eve of the Dragon Boat Festival in June, while another Chinese man sailed in a rubber boat into the Houkeng
NEXT LEVEL: The defense ministry confirmed that a video released last month featured personnel piloting new FPV drone systems being developed by the Armaments Bureau Taipei and Washington are pushing for their drone companies to work together to establish a China-free supply chain, the Financial Times reported on Friday. A delegation of high-level executives and US government officials were yesterday to arrive in Taipei to discuss with their Taiwanese counterparts collaboration on drone technology procurement and development, the report said. The executives represent 26 US manufacturers of drone and counter-drone systems, while the officials are from the US Department of Commerce and the US Department of Defense’s Defense Innovation Unit, along with Dev Shenoy, principal director for microelectronics in the Office of the Under Secretary of Defense
‘ANONYMOUS 64’: A national security official said that it is an attempt by China to increase domestic anti-Taiwanese sentiment and inflame cross-strait tensions The Ministry of National Defense’s (MND) Information, Communications and Electronic Force Command (ICEFCOM) yesterday denied accusations by China that it had undermined regional security by carrying out cyberattacks against targets in China, adding instead that Beijing was responsible for raising tensions and undermining regional peace. The Chinese Ministry of State Security on WeChat accused a hacker group called “Anonymous 64” of targeting China, Hong Kong and Macau starting earlier this year through frequent cyberattacks. The group carried out cyberattacks to seize control of Web sites, outdoor electronic billboards and video-on-demand platforms in China, Hong Kong and Macau, it said, adding the hackers’