At least 30,000 US organizations, including local governments, have been hacked in the past few days by an “unusually aggressive” Chinese cyberespionage campaign, a computer security specialist said.
The campaign has exploited recently discovered flaws in Microsoft Exchange software, stealing e-mails and infecting computer servers with tools that allow attackers to take control remotely, Brian Krebs said in a post on his cybersecurity news Web site.
“This is an active threat,” White House spokeswoman Jennifer Psaki said when asked about the situation during a press briefing.
Photo: Reuters
“Everyone running these servers needs to act now to patch them. We are concerned that there are a large number of victims,” she added.
After Microsoft released patches for the vulnerabilities on Tuesday, attacks “dramatically stepped up” on servers not yet updated with security fixes, said Krebs, who cited unnamed sources familiar with the situation.
“At least 30,000 organizations across the United States — including a significant number of small businesses, towns, cities and local governments — have over the past few days been hacked by an unusually aggressive Chinese cyberespionage unit that’s focused on stealing e-mail from victim organizations,” Krebs wrote in the post.
He reported that insiders said hackers have “seized control” of thousands of computer systems around the world using password-protected software tools slipped into systems.
Microsoft said early this week that a state-sponsored hacking group operating out of China is exploiting previously unknown security flaws in its Exchange e-mail services to steal data from business users.
The company said that the hacking group, which it has named “Hafnium,” is a “highly skilled and sophisticated actor.”
Hafnium has in the past targeted US-based companies, including infectious disease researchers, law firms, universities, defense contractors, think tanks and non-governmental organizations.
In a blog post on Tuesday, Microsoft executive Tom Burt said the company had released updates to fix the security flaws, which apply to on-premises versions of the software rather than cloud-based versions, and urged customers to apply them.
“We know that many nation-state actors and criminal groups will move quickly to take advantage of any unpatched systems,” he added at the time.
Microsoft said the group was based in China, but operated through leased virtual private servers in the US, and that it had briefed the US government.
Beijing has previously hit back at US accusations of state-sponsored cybertheft. Last year, it accused Washington of a smear campaign, following allegations that Chinese hackers were attempting to steal COVID-19 research.
In January, US intelligence and law enforcement agencies said that Russia was probably behind the massive SolarWinds hack that shook the government and corporate security, contradicting then-US president Donald Trump, who had suggested that China could be to blame.
Microsoft said that the Hafnium attacks “were in no way connected to the separate SolarWinds-related attacks.”
SECURITY: As China is ‘reshaping’ Hong Kong’s population, Taiwan must raise the eligibility threshold for applications from Hong Kongers, Chiu Chui-cheng said When Hong Kong and Macau citizens apply for residency in Taiwan, it would be under a new category that includes a “national security observation period,” Mainland Affairs Council (MAC) Minister Chiu Chui-cheng (邱垂正) said yesterday. President William Lai (賴清德) on March 13 announced 17 strategies to counter China’s aggression toward Taiwan, including incorporating national security considerations into the review process for residency applications from Hong Kong and Macau citizens. The situation in Hong Kong is constantly changing, Chiu said to media yesterday on the sidelines of the Taipei Technology Run hosted by the Taipei Neihu Technology Park Development Association. With
CARROT AND STICK: While unrelenting in its military threats, China attracted nearly 40,000 Taiwanese to over 400 business events last year Nearly 40,000 Taiwanese last year joined industry events in China, such as conferences and trade fairs, supported by the Chinese government, a study showed yesterday, as Beijing ramps up a charm offensive toward Taipei alongside military pressure. China has long taken a carrot-and-stick approach to Taiwan, threatening it with the prospect of military action while reaching out to those it believes are amenable to Beijing’s point of view. Taiwanese security officials are wary of what they see as Beijing’s influence campaigns to sway public opinion after Taipei and Beijing gradually resumed travel links halted by the COVID-19 pandemic, but the scale of
A US Marine Corps regiment equipped with Naval Strike Missiles (NSM) is set to participate in the upcoming Balikatan 25 exercise in the Luzon Strait, marking the system’s first-ever deployment in the Philippines. US and Philippine officials have separately confirmed that the Navy Marine Expeditionary Ship Interdiction System (NMESIS) — the mobile launch platform for the Naval Strike Missile — would take part in the joint exercise. The missiles are being deployed to “a strategic first island chain chokepoint” in the waters between Taiwan proper and the Philippines, US-based Naval News reported. “The Luzon Strait and Bashi Channel represent a critical access
Pope Francis is be laid to rest on Saturday after lying in state for three days in St Peter’s Basilica, where the faithful are expected to flock to pay their respects to history’s first Latin American pontiff. The cardinals met yesterday in the Vatican’s synod hall to chart the next steps before a conclave begins to choose Francis’ successor, as condolences poured in from around the world. According to current norms, the conclave must begin between May 5 and 10. The cardinals set the funeral for Saturday at 10am in St Peter’s Square, to be celebrated by the dean of the College
RSS