...
...
Next Story

Flaws in Microsoft’s email software concerns White House, US govt

Microsoft disclosed on Tuesday that nation-state hackers based in China were exploiting previously unknown flaws in on-premise versions of the software and released patches for them.

Updated on: Mar 06, 2021 10:33 PM IST
Bloomberg |
Advertisement

Newly discovered flaws in Microsoft Corp.’s software for email have raised concerns at the highest levels of the US government, which is urging users to immediately apply patches.

At least 30,000 organizations across the US, including significant numbers of small businesses and local governments, have been hacked via holes in Microsoft’s email software in the last few days by suspected Chinese attackers. (Reuters)
At least 30,000 organizations across the US, including significant numbers of small businesses and local governments, have been hacked via holes in Microsoft’s email software in the last few days by suspected Chinese attackers. (Reuters)

At least 30,000 organizations across the US, including significant numbers of small businesses and local governments, have been hacked via holes in Microsoft’s email software in the last few days by suspected Chinese attackers who are focused on stealing email from victims, the blog KrebsonSecurity reported Friday.

“This is a significant vulnerability that could have far-reaching impacts,” said Jen Psaki, the White House press secretary, speaking at a briefing. “We are concerned there are a large number of victims.” She characterized the incident as an “active threat.”

Her remark comes after Microsoft disclosed on Tuesday that nation-state hackers based in China were exploiting previously unknown flaws in on-premise versions of the software and released patches for them. The following day, the Cybersecurity and Infrastructure Security Agency, which is known as CISA and is part of the Department of Homeland Security, issued an emergency directive in response to “observed active exploitation of these products.” As a result, civilian agencies and departments were directed to apply the patches, or disconnect Microsoft Exchange from their networks, and to look for compromises.

The specific targets and timing of the hacking remains unknown. Defense Department spokesman John Kirby said the Pentagon is assessing its systems based on Microsoft’s advisory. The cybersecurity firm FireEye Inc. found that victims included “US-based retailers, local governments, a university, and an engineering firm.” The version of exchange targeted by hackers is typically run by small businesses, putting them at special risk, according to Allan Liska, an analyst at the firm Recorded Future Inc..

A Microsoft representative said the vulnerabilities were disclosed to the company in early January. Microsoft isn’t aware of attacks before then, the representative said.

The cybersecurity firm Volexity reported finding attacks leveraging the flaws that date back to as early as Jan. 6. However, CISA urged operators to look for compromises dating back to September, “out of an abundance of caution,” according to a spokesperson.

A spokesman for the Chinese Foreign Ministry said in a press briefing on March 3 that conclusions on hacks into Microsoft servers should be based on complete evidence and avoid wanton accusations.

 
Get the latest headlines from US news and global updates from Pakistan, Nepal, UK, Bangladesh, Russia and US Iran war Live, get all the latest headlines in one place on Hindustan Times.
Get the latest headlines from US news and global updates from Pakistan, Nepal, UK, Bangladesh, Russia and US Iran war Live, get all the latest headlines in one place on Hindustan Times.
SHARE THIS ARTICLE ON