At least 30,000 US organizations, including local governments, have been hacked in the past few days by an “unusually aggressive” Chinese cyberespionage campaign, a computer security specialist said.
The campaign has exploited recently discovered flaws in Microsoft Exchange software, stealing e-mails and infecting computer servers with tools that allow attackers to take control remotely, Brian Krebs said in a post on his cybersecurity news Web site.
“This is an active threat,” White House spokeswoman Jennifer Psaki said when asked about the situation during a press briefing.
Photo: Reuters
“Everyone running these servers needs to act now to patch them. We are concerned that there are a large number of victims,” she added.
After Microsoft released patches for the vulnerabilities on Tuesday, attacks “dramatically stepped up” on servers not yet updated with security fixes, said Krebs, who cited unnamed sources familiar with the situation.
“At least 30,000 organizations across the United States — including a significant number of small businesses, towns, cities and local governments — have over the past few days been hacked by an unusually aggressive Chinese cyberespionage unit that’s focused on stealing e-mail from victim organizations,” Krebs wrote in the post.
He reported that insiders said hackers have “seized control” of thousands of computer systems around the world using password-protected software tools slipped into systems.
Microsoft said early this week that a state-sponsored hacking group operating out of China is exploiting previously unknown security flaws in its Exchange e-mail services to steal data from business users.
The company said that the hacking group, which it has named “Hafnium,” is a “highly skilled and sophisticated actor.”
Hafnium has in the past targeted US-based companies, including infectious disease researchers, law firms, universities, defense contractors, think tanks and non-governmental organizations.
In a blog post on Tuesday, Microsoft executive Tom Burt said the company had released updates to fix the security flaws, which apply to on-premises versions of the software rather than cloud-based versions, and urged customers to apply them.
“We know that many nation-state actors and criminal groups will move quickly to take advantage of any unpatched systems,” he added at the time.
Microsoft said the group was based in China, but operated through leased virtual private servers in the US, and that it had briefed the US government.
Beijing has previously hit back at US accusations of state-sponsored cybertheft. Last year, it accused Washington of a smear campaign, following allegations that Chinese hackers were attempting to steal COVID-19 research.
In January, US intelligence and law enforcement agencies said that Russia was probably behind the massive SolarWinds hack that shook the government and corporate security, contradicting then-US president Donald Trump, who had suggested that China could be to blame.
Microsoft said that the Hafnium attacks “were in no way connected to the separate SolarWinds-related attacks.”
The Taipei MRT is open all night tonight following New Year’s Eve festivities, and is offering free rides from nearby Green Line stations. Taipei’s 2025 New Year’s Eve celebrations kick off at Taipei City Hall Square tonight, with performances from the boy band Energy, the South Korean girl group Apink, and singers Gigi Leung (梁詠琪) and Faith Yang (楊乃文). Taipei 101’s annual New Year’s firework display follows at midnight, themed around Taiwan’s Premier12 baseball championship. Estimates say there will be about 200,000 people in attendance, which is more than usual as this year’s celebrations overlap with A-mei’s (張惠妹) concert at Taipei Dome. There are
LOOKING FOR WHEELS: The military is seeking 8x8 single-chassis vehicles to test the new missile and potentially replace the nation’s existing launch vehicles, the source said Taiwan is developing a hypersonic missile based on the Ching Tien (擎天) supersonic cruise missile, and a Czech-made truck has been tentatively selected as its launch vehicle, a source said yesterday. The Ching Tien, formerly known as Yun Feng (雲峰, “Cloud Peak”), is a domestically developed missile with a range of 1,200km to 2,000km being deployed in casemate-type positions as of last month, an official said, speaking on the condition of anonymity. The hypersonic missile to be derived from the Ching Tien would feature improved range and a mobile launch platform, while the latter would most likely be a 12x12 single chassis
UP AND DOWN: The route would include a 16.4km underground section from Zuoying to Fongshan and a 9.5km elevated part from Fongshan to Pingtung Premier Cho Jung-tai (卓榮泰) yesterday confirmed a project to extend the high-speed rail (HSR) to Pingtung County through Kaohsiung. Cho made the announcement at a ceremony commemorating the completion of a dome at Kaohsiung Main Station. The Ministry of Transportation and Communications approved the HSR expansion in 2019 using a route that branches off a line from Zuoying Station in Kaohsiung’s Zuoying District (左營). The project was ultimately delayed due to a lack of support for the route. The Zuoying route would have trains stop at the Zuoying Station and return to a junction before traveling southward to Pingtung County’s Lioukuaicuo Township (六塊厝).
The Mainland Affairs Council (MAC) yesterday vowed to investigate claims made in a YouTube video about China’s efforts to politically influence young Taiwanese and encourage them to apply for Chinese ID cards. The council’s comments follow Saturday’s release of a video by Taiwanese rapper Chen Po-yuan (陳柏源) and YouTuber “Pa Chiung (八炯)” on China’s “united front” tactics. It is the second video on the subject the pair have released this month. In the video, Chen visits the Taiwan Youth Entrepreneurship Park in Quanzhou in China’s Fujian Province and the Strait Herald news platform in Xiamen, China. The Strait Herald — owned by newspaper
RSS