After the cyberattack on Microsoft’s email software, there has been no comment on the scope of the attack, although the attack has been attributed to a Chinese cyber espionage group. The Wall Street Journal reported Saturday (March 6) that the attack infected thousands of U.S. businesses, government agencies and schools.
The report, citing information from sources familiar with the matter, said the cyberattack on Microsoft Corp.’s Outlook email software is believed to have affected tens of thousands of customers. Another source said the number could be much larger, higher than 250,000.
Microsoft has said the victims of the attacks appear to be small businesses and state and local governments, but Microsoft’s source said that while many of those attacked did not have very valuable intelligence themselves, some high-value spy targets may have been involved.
Microsoft said hackers have been using four flaws in Microsoft Exchange software to break into e-mail accounts, read messages without authorization and install unauthorized software. Cybersecurity professionals call these zero-day vulnerabilities because the attack relies on previously unpublished software bugs, the use of which indicates highly skilled hackers.
Microsoft said Tuesday that the culprit was a cyber espionage group called Hafnium. The company has made a software patch available to users.
A Microsoft spokesman said Friday that the company is working with government agencies and security firms to mitigate the impact of the attack. But Microsoft declined to comment on the scope of the attack.
For years, the U.S. government has accused China of widespread attacks on U.S. businesses and government agencies, and China denies the allegations.
Volexity, a cybersecurity firm, was one of the companies to which Microsoft confirmed the attack was reported. Steven Adair, the company’s founder, told the Wall Street Journal that the attackers used a truly stealthy approach that would not have set off alarms. But days before launching the attack, he said, the hackers changed tactics, abandoned the covert operation and began using automated software to scan the Internet for vulnerable servers and infect them. This past weekend, he said, attackers targeted nearly every Exchange server they could find on the Internet.
The Wall Street Journal reported that the suspected Russian-sponsored cyberattack against U.S. government systems and businesses disclosed last December was a relatively surgical, precise attack that hit about 100 companies and nine government agencies; by contrast, the most recent incident was more of a shrapnel attack, claiming tens of thousands of victims or more. Microsoft said the two attacks were not related.
The report said this latest cyber hack has caused widespread concern within the Biden administration, as multiple government officials have tried to warn of its potential severity in recent days. The Cybersecurity and Infrastructure Security Agency (CISA) issued a rare emergency directive this week requiring federal government agencies to immediately patch or disconnect products running Microsoft Exchange software. CISA held a conference call Friday with more than 4,000 critical infrastructure partners in the private sector and state and local governments to encourage them to patch their systems.
Speaking to reporters at a news conference Friday, White House Press Secretary Sarah Sachs said the Microsoft breach is worrisome and “could have far-reaching implications” and result in “a large number of victims.”