At least 30,000 US organizations, including local governments, have been hacked in the past few days by an “unusually aggressive” Chinese cyberespionage campaign, a computer security specialist said.
The campaign has exploited recently discovered flaws in Microsoft Exchange software, stealing e-mails and infecting computer servers with tools that allow attackers to take control remotely, Brian Krebs said in a post on his cybersecurity news Web site.
“This is an active threat,” White House spokeswoman Jennifer Psaki said when asked about the situation during a press briefing.
Photo: Reuters
“Everyone running these servers needs to act now to patch them. We are concerned that there are a large number of victims,” she added.
After Microsoft released patches for the vulnerabilities on Tuesday, attacks “dramatically stepped up” on servers not yet updated with security fixes, said Krebs, who cited unnamed sources familiar with the situation.
“At least 30,000 organizations across the United States — including a significant number of small businesses, towns, cities and local governments — have over the past few days been hacked by an unusually aggressive Chinese cyberespionage unit that’s focused on stealing e-mail from victim organizations,” Krebs wrote in the post.
He reported that insiders said hackers have “seized control” of thousands of computer systems around the world using password-protected software tools slipped into systems.
Microsoft said early this week that a state-sponsored hacking group operating out of China is exploiting previously unknown security flaws in its Exchange e-mail services to steal data from business users.
The company said that the hacking group, which it has named “Hafnium,” is a “highly skilled and sophisticated actor.”
Hafnium has in the past targeted US-based companies, including infectious disease researchers, law firms, universities, defense contractors, think tanks and non-governmental organizations.
In a blog post on Tuesday, Microsoft executive Tom Burt said the company had released updates to fix the security flaws, which apply to on-premises versions of the software rather than cloud-based versions, and urged customers to apply them.
“We know that many nation-state actors and criminal groups will move quickly to take advantage of any unpatched systems,” he added at the time.
Microsoft said the group was based in China, but operated through leased virtual private servers in the US, and that it had briefed the US government.
Beijing has previously hit back at US accusations of state-sponsored cybertheft. Last year, it accused Washington of a smear campaign, following allegations that Chinese hackers were attempting to steal COVID-19 research.
In January, US intelligence and law enforcement agencies said that Russia was probably behind the massive SolarWinds hack that shook the government and corporate security, contradicting then-US president Donald Trump, who had suggested that China could be to blame.
Microsoft said that the Hafnium attacks “were in no way connected to the separate SolarWinds-related attacks.”
OPTIMISTIC: The DGBAS sharply upgraded its GDP growth estimate from 3.54 percent to 7.71 percent after the Taiwan-US trade agreement signing and given AI optimism The US imported more from Taiwan than China for the first time in decades, as US President Donald Trump’s tariffs reshape trade flows while a global boom in artificial intelligence (AI) fuels demand for tech products. US purchases of goods from China plunged almost 44 percent in December last year from 2024 to US$21.1 billion, US Department of Commerce data showed on Thursday. By contrast, shipments from Taiwan more than doubled during the same period to US$24.7 billion. The soaring Taiwanese shipments to the US reflect the huge expansion in supplies of chips and servers for AI companies, which has completely changed
The Central Election Commission has amended election and recall regulations to require elected office candidates to provide proof that they have no Chinese citizenship, a Cabinet report said. The commission on Oct. 29 last year revised the Measures for the Permission of Family-based Residence, Long-term Residence and Settlement of People from the Mainland Area in the Taiwan Area (大陸地區人民在台灣地區依親居留長期居留或定居許可辦法), the Executive Yuan said in a report it submitted to the legislature for review. The revision requires Chinese citizens applying for permanent residency to submit notarial documents showing that they have lost their Chinese household record and have renounced — or have never
US and Chinese fighter jets briefly faced off above waters near the Korean Peninsula this week, Yonhap News agency reported, marking a rare confrontation in that area between the two superpowers. About 10 US fighter jets on Wednesday departed an airbase in Pyeongtaek, South Korea, for drills above international waters off South Korea’s western coast, the news outlet cited unidentified military sources as saying. While the US planes did not enter China’s air defense identification zone, Beijing scrambled planes as they neared that region, the report said. “The Chinese People’s Liberation Army organized naval and air forces to monitor and effectively respond
Taiwan has secured another breakthrough in fruit exports, with jujubes, dragon fruit and lychees approved for shipment to the EU, the Ministry of Agriculture said yesterday. The Animal and Plant Health Inspection Agency on Thursday received formal notification of the approval from the EU, the ministry said, adding that the decision was expected to expand Taiwanese fruit producers’ access to high-end European markets. Taiwan exported 126 tonnes of lychees last year, valued at US$1.48 million, with Japan accounting for 102 tonnes. Other export destinations included New Zealand, Hong Kong, the US and Australia, ministry data showed. Jujube exports totaled 103 tonnes, valued at
RSS