At least 30,000 US organizations, including local governments, have been hacked in the past few days by an “unusually aggressive” Chinese cyberespionage campaign, a computer security specialist said.
The campaign has exploited recently discovered flaws in Microsoft Exchange software, stealing e-mails and infecting computer servers with tools that allow attackers to take control remotely, Brian Krebs said in a post on his cybersecurity news Web site.
“This is an active threat,” White House spokeswoman Jennifer Psaki said when asked about the situation during a press briefing.
Photo: Reuters
“Everyone running these servers needs to act now to patch them. We are concerned that there are a large number of victims,” she added.
After Microsoft released patches for the vulnerabilities on Tuesday, attacks “dramatically stepped up” on servers not yet updated with security fixes, said Krebs, who cited unnamed sources familiar with the situation.
“At least 30,000 organizations across the United States — including a significant number of small businesses, towns, cities and local governments — have over the past few days been hacked by an unusually aggressive Chinese cyberespionage unit that’s focused on stealing e-mail from victim organizations,” Krebs wrote in the post.
He reported that insiders said hackers have “seized control” of thousands of computer systems around the world using password-protected software tools slipped into systems.
Microsoft said early this week that a state-sponsored hacking group operating out of China is exploiting previously unknown security flaws in its Exchange e-mail services to steal data from business users.
The company said that the hacking group, which it has named “Hafnium,” is a “highly skilled and sophisticated actor.”
Hafnium has in the past targeted US-based companies, including infectious disease researchers, law firms, universities, defense contractors, think tanks and non-governmental organizations.
In a blog post on Tuesday, Microsoft executive Tom Burt said the company had released updates to fix the security flaws, which apply to on-premises versions of the software rather than cloud-based versions, and urged customers to apply them.
“We know that many nation-state actors and criminal groups will move quickly to take advantage of any unpatched systems,” he added at the time.
Microsoft said the group was based in China, but operated through leased virtual private servers in the US, and that it had briefed the US government.
Beijing has previously hit back at US accusations of state-sponsored cybertheft. Last year, it accused Washington of a smear campaign, following allegations that Chinese hackers were attempting to steal COVID-19 research.
In January, US intelligence and law enforcement agencies said that Russia was probably behind the massive SolarWinds hack that shook the government and corporate security, contradicting then-US president Donald Trump, who had suggested that China could be to blame.
Microsoft said that the Hafnium attacks “were in no way connected to the separate SolarWinds-related attacks.”
US President Donald Trump yesterday announced sweeping "reciprocal tariffs" on US trading partners, including a 32 percent tax on goods from Taiwan that is set to take effect on Wednesday. At a Rose Garden event, Trump declared a 10 percent baseline tax on imports from all countries, with the White House saying it would take effect on Saturday. Countries with larger trade surpluses with the US would face higher duties beginning on Wednesday, including Taiwan (32 percent), China (34 percent), Japan (24 percent), South Korea (25 percent), Vietnam (46 percent) and Thailand (36 percent). Canada and Mexico, the two largest US trading
China's military today said it began joint army, navy and rocket force exercises around Taiwan to "serve as a stern warning and powerful deterrent against Taiwanese independence," calling President William Lai (賴清德) a "parasite." The exercises come after Lai called Beijing a "foreign hostile force" last month. More than 10 Chinese military ships approached close to Taiwan's 24 nautical mile (44.4km) contiguous zone this morning and Taiwan sent its own warships to respond, two senior Taiwanese officials said. Taiwan has not yet detected any live fire by the Chinese military so far, one of the officials said. The drills took place after US Secretary
CHIP EXCEPTION: An official said that an exception for Taiwanese semiconductors would have a limited effect, as most are packaged in third nations before being sold The Executive Yuan yesterday decried US President Donald Trump’s 32 percent tariff on Taiwanese goods announced hours earlier as “unfair,” saying it would lodge a representation with Washington. The Cabinet in a statement described the pledged US tariffs, expected to take effect on Wednesday next week, as “deeply unreasonable” and “highly regrettable.” Cabinet spokeswoman Michelle Lee (李慧芝) said that the government would “lodge a solemn representation” with the US Trade Representative and continue negotiating with Washington to “ensure the interests of our nation and industries.” Trump at a news conference in Washington on Wednesday announced a 10 percent baseline tariff on most goods
THUGGISH BEHAVIOR: Encouraging people to report independence supporters is another intimidation tactic that threatens cross-strait peace, the state department said China setting up an online system for reporting “Taiwanese independence” advocates is an “irresponsible and reprehensible” act, a US government spokesperson said on Friday. “China’s call for private individuals to report on alleged ‘persecution or suppression’ by supposed ‘Taiwan independence henchmen and accomplices’ is irresponsible and reprehensible,” an unnamed US Department of State spokesperson told the Central News Agency in an e-mail. The move is part of Beijing’s “intimidation campaign” against Taiwan and its supporters, and is “threatening free speech around the world, destabilizing the Indo-Pacific region, and deliberately eroding the cross-strait status quo,” the spokesperson said. The Chinese Communist Party’s “threats
RSS