At least 30,000 US organizations, including local governments, have been hacked in the past few days by an “unusually aggressive” Chinese cyberespionage campaign, a computer security specialist said.
The campaign has exploited recently discovered flaws in Microsoft Exchange software, stealing e-mails and infecting computer servers with tools that allow attackers to take control remotely, Brian Krebs said in a post on his cybersecurity news Web site.
“This is an active threat,” White House spokeswoman Jennifer Psaki said when asked about the situation during a press briefing.
Photo: Reuters
“Everyone running these servers needs to act now to patch them. We are concerned that there are a large number of victims,” she added.
After Microsoft released patches for the vulnerabilities on Tuesday, attacks “dramatically stepped up” on servers not yet updated with security fixes, said Krebs, who cited unnamed sources familiar with the situation.
“At least 30,000 organizations across the United States — including a significant number of small businesses, towns, cities and local governments — have over the past few days been hacked by an unusually aggressive Chinese cyberespionage unit that’s focused on stealing e-mail from victim organizations,” Krebs wrote in the post.
He reported that insiders said hackers have “seized control” of thousands of computer systems around the world using password-protected software tools slipped into systems.
Microsoft said early this week that a state-sponsored hacking group operating out of China is exploiting previously unknown security flaws in its Exchange e-mail services to steal data from business users.
The company said that the hacking group, which it has named “Hafnium,” is a “highly skilled and sophisticated actor.”
Hafnium has in the past targeted US-based companies, including infectious disease researchers, law firms, universities, defense contractors, think tanks and non-governmental organizations.
In a blog post on Tuesday, Microsoft executive Tom Burt said the company had released updates to fix the security flaws, which apply to on-premises versions of the software rather than cloud-based versions, and urged customers to apply them.
“We know that many nation-state actors and criminal groups will move quickly to take advantage of any unpatched systems,” he added at the time.
Microsoft said the group was based in China, but operated through leased virtual private servers in the US, and that it had briefed the US government.
Beijing has previously hit back at US accusations of state-sponsored cybertheft. Last year, it accused Washington of a smear campaign, following allegations that Chinese hackers were attempting to steal COVID-19 research.
In January, US intelligence and law enforcement agencies said that Russia was probably behind the massive SolarWinds hack that shook the government and corporate security, contradicting then-US president Donald Trump, who had suggested that China could be to blame.
Microsoft said that the Hafnium attacks “were in no way connected to the separate SolarWinds-related attacks.”
A signaling system malfunction disrupted high-speed rail (HSR) services beginning at 8am today, with trains temporarily reduced to three northbound and three southbound trains per hour as authorities conduct inspections. The malfunction occurred on a section of track in Miaoli County during pre-operation checks early this morning, forcing northbound and southbound trains to use a single track, the HSR operator said. The regular schedule has been replaced with three hourly trains offering only nonreserved seating in each direction, stopping at every station, it said, adding that business class cars would still have reserved seating. Departures from terminal stations are scheduled at the top
DRONE CENTRAL: Taiwan aims to become Asia’s democratic hub for drones, with most exports focused on high-quality military-grade models, an official said Taiwan’s drone industry is expected to expand significantly by 2030, producing 100,000 units per month and exporting half of them, the Ministry of Economic Affairs said yesterday. Current drone production capacity is about 15,000 units per month, but the industry can quickly scale up as demand increases, Industrial Development Administration Director-General Chiou Chyou-huey (邱求慧) told a news conference in Taipei. Taiwan’s drone output grew 2.5-fold last year to NT$12.9 billion (US$408.3 million) under a government program to develop the uncrewed vehicle sector, he said. The Executive Yuan in October last year approved plans to invest NT$44.2 billion into domestic production of uncrewed aerial
VERBOSE VESSELS: A CGA cutter and a China Coast Guard exchanged verbal barbs for more than a day in Taiwanese-controlled waters before the Chinese vessel left The Taiwanese and Chinese coast guards had a standoff near the strategically located Pratas Islands (Dongsha Islands, 東沙群島) in the north of the South China Sea, the Coast Guard Administration (CGA) said yesterday. The two sides engaged in intense radio exchanges over sovereignty claims during the 33-hour standoff. China Coast Guard vessel 3501 eventually left the restricted waters, 26.6 nautical miles (49.2km) west of the Pratas Islands, at 5pm yesterday, the CGA said. Lying approximately between southern Taiwan and Hong Kong, the Taiwan-controlled Pratas are seen by some security experts as vulnerable to Chinese attack due to their distance — more than
WARNING: China should stop engaging in actions that undermine regional peace and stability, as it would only build resentment among people across the Strait, the CGA said China has deployed more than 100 navy, coast guard and other vessels in waters from the Yellow Sea to the South China Sea and the western Pacific since US President Donald Trump and Chinese President Xi Jinping (習近平) met in Beijing, National Security Council Secretary-General Joseph Wu (吳釗燮) said yesterday. “In this part of the world, #China is the one & only PROBLEM wrecking the #StatusQuo & threatening regional peace & stability,” Wu wrote on X. In a separate post, he said Beijing was coercing Taiwan’s maritime domain, calling it illegal and provocative, after the Coast Guard Administration (CGA) expelled a
RSS