Estimated reading time: 1 minute, 36 seconds

How the Microsoft Hack Grew Into a Global Debacle

What started as a stealth Chinese spying operation aimed at “very specific” people through previously undiscovered flaws in Microsoft’s Exchange email software has transformed into a global hacking crisis affecting tens of thousands of organizations. That’s according to various reports.

microsoft 80658 640smallOn March 2, Microsoft disclosed the vulnerabilities and blamed the zero-day attacks on a Chinese state-backed group called Hafnium. But experts told the Financial Times that criminal groups and other hacking outfits have been stampeding to attack victims before their networks are locked down. By March 8, the U.S. Cybersecurity and Infrastructure Agency had taken to Twitter warning “ALL organizations across ALL sectors to follow guidance to address the widespread domestic and international exploitation.”

The first prominent entity to acknowledge that it was compromised due to the Microsoft hack was the European Banking Authority, Europe’s banking watchdog. Others were likely to follow.

The White House has called on information technology pros to take extra precautions to be sure their networks had not been breached, as Reuters reports. “This is an active threat still developing, and we urge network operators to take it very seriously,” a Biden administration official said. The White House was reportedly setting up a task force in response to the attack.

According to the Associated Press, victims of the piggyback attacks run the gamut, including retailers, healthcare organizations, law firms and manufacturers. Many are small and mid-size businesses, reports Bloomberg.

An early estimate by cybersecurity blogger Brian Krebs put the toll at 30,000 U.S. victims. Dmitri Alperovitch, former chief technical officer of the cybersecurity firm CrowdStrike, put the global figure at roughly 250,000 victims.

Hackers have been exploiting four specific Microsoft Exchange vulnerabilities, as Gizmodo notes, and the software giant has posted patches on its website.

As Axios points out, while the Biden administration is already considering how to address Russia’s role in the SolarWinds attacks, now the White House faces another difficult decision on China.

Read 298 times
Rate this item
(0 votes)

Visit other PMG Sites:

click me
PMG360 is committed to protecting the privacy of the personal data we collect from our subscribers/agents/customers/exhibitors and sponsors. On May 25th, the European's GDPR policy will be enforced. Nothing is changing about your current settings or how your information is processed, however, we have made a few changes. We have updated our Privacy Policy and Cookie Policy to make it easier for you to understand what information we collect, how and why we collect it.