Microsoft hack worsens as cyber criminals exploit vulnerabilities
Microsoft’s email software hack has escalated into a “free-for-all” for cyber criminals that has affected tens of thousands of victims in both the private and public sectors.
Dow Jones I.A.
38,460.92
04:30 15/10/20
Microsoft Corp.
$409.06
13:10 24/04/24
Nasdaq 100
17,526.80
12:15 24/04/24
The incident began as a clandestine campaign that targeted “specific individuals” via flaws in Microsoft's popular e-mail software and was led by a Chinese espionage group.
An alert was issued by the US Cybersecurity and Infrastructure Security Agency on Twitter late on Monday urging “ALL organizations across ALL sectors to follow guidance to address the widespread domestic and international exploitation” of four vulnerabilities in Microsoft’s Exchange email application, which the tech company disclosed a week ago.
Microsoft last week blamed a Chinese state-backed hacking group known as Hafnium for conducting the stealthy attacks and later issued fixes for the existing bugs.
According to the Financial Times, experts said that since attention was drawn to the flaws, there has been a flood of attacks by multiple hacking outfits including criminal groups before the systems are totally secured.
Estimates of the total number of victims run as high as 250,000.
The European Banking Authority this week became the first notable body to publicly say it had been compromised.
Attacks follow a hack on SolarWinds - that some of Microsoft’s tech- which affected organisations including the US commerce and Treasury departments. It is known that a group of Russian hackers were behind the campaign.
The attacks have prompted some to urge President Joe Biden to take a more aggressive stance towards China at a time when his government is already exploring penalties including sanctions against Russia for the SolarWinds hack.