Chinese cyber-espionage unit on US hacking spree
SAN FRANCISCO: At least 30,000 US organisations including local governments have been hacked in recent days by an "unusually aggressive" Chinese cyber-espionage campaign, according to a computer security specialist.
The campaign has exploited recently discovered flaws in Microsoft Exchange software, stealing email and infecting computer servers with tools that let attackers take control remotely, Brian Krebs said in a post at his cyber security news website.
"This is an active threat," White House spokeswoman Jennifer Psaki said when asked about the situation during a press briefing.
"Everyone running these servers needs to act now to patch them. We are concerned that there are a large number of victims," she added.
After Microsoft released patches for the vulnerabilities on Tuesday, attacks "dramatically stepped up" on servers not yet updated with security fixes, said Krebs, who cited unnamed sources familiar with the situation.
"At least 30,000 organizations across the United States -- including a significant number of small businesses, towns, cities and local governments -- have over the past few days been hacked by an unusually aggressive Chinese cyber espionage unit that’s focused on stealing email from victim organizations," Krebs wrote in the post.
He reported that insiders said hackers have "seized control" of thousands of computer systems around the world using password-protected software tools slipped into systems.
Microsoft said early this week that a state-sponsored hacking group operating out of China is exploiting previously unknown security flaws in its Exchange email services to steal data from business users. The company said the hacking group, which it has named "Hafnium", is a "highly skilled and sophisticated actor."
Hafnium has in the past targeted US-based companies including infectious disease researchers, law firms, universities, defense contractors, think tanks, and NGOs.
In a blog post on Tuesday, Microsoft executive Tom Burt said the company had released updates to fix the security flaws, which apply to on-premises versions of the software rather than cloud-based versions, and urged customers to apply them.
"We know that many nation-state actors and criminal groups will move quickly to take advantage of any unpatched systems," he added at the time.