Categories: World

Chinese hackers hit 30K US organisations in new attack

<p>
<strong>In yet another big cyber-attack after SolarWinds, at least 30,000 organisations across the US, including government and commercial firms, have been hacked by China-based threat actors who used Microsoft's Exchange Server software to enter their networks.</strong></p>
<p>
According to KrebsOnSecurity, the China-based espionage group exploited four vulnerabilities in Microsoft Exchange Server email software.</p>
<p>
The vulnerabilities allowed hackers to gain access to email accounts, and also gave them the ability to install malware, according to Microsoft which reported about the China-based threat actors but did not reveal the scale at which tens of thousands of organisations have been hit.</p>
<p>
Two cybersecurity experts who have briefed US national security advisors on the attack told KrebsOnSecurity the Chinese hacking group seized control over "hundreds of thousands" of Microsoft Exchange Servers worldwide.</p>
<p>
Exchange Server is primarily used by business customers.</p>
<p>
Microsoft has released several security updates to fix the vulnerabilities, advising its customers to install those immediately.</p>
<p>
Earlier this week, Microsoft warned its customers against a new sophisticated nation-state cyber-attack that has its origin in China and is primarily targeting on-premises 'Exchange Server' software of the tech giant.</p>
<p>
Called "Hafnium," it operates from China and is attacking infectious disease researchers, law firms, higher education institutions, defence contractors, policy think tanks and NGOs in the US for the purpose of exfiltrating information.</p>
<p>
"While Hafnium is based in China, it conducts its operations primarily from leased virtual private servers (VPS) in the US," said Tom Burt, Corporate Vice President, Customer Security and Trust at Microsoft.</p>
<p>
This was the eighth time in the past 12 months that Microsoft has publicly disclosed nation-state groups targeting institutions critical to civil society.</p>
<p>
Nine federal agencies and about 100 private sector companies were compromised as a result of an earlier SolarWinds hack, the White House had said.</p>
<p>
In a widespread cyber-attack on US federal agencies and enterprises via SolarWinds software, hackers also broke into the networks of NASA and the Federal Aviation Administration (FAA).</p>
<p>
The Joe Biden administration was preparing sanctions against Russia as the cybercriminals are "likely Russian in origin".</p>
<p>
<em>(IANS)</em></p>
<p>
 </p>
<p>
 </p>
<p>
 </p>
<p>
 </p>
<p>
 </p>

India Narrative

Recent Posts

Protests erupt across PoGB over Kurram attack, shia community seeks justice

Protest demonstrations broke out across different areas of Pakistan-occupied Gilgit-Baltistan after Friday prayers, with thousands…

14 hours ago

UKPNP Slams Pakistan’s Unconstitutional Presidential Order in PoJK

Jamil Maqsood, the President of the Foreign Affairs Committee of the United Kashmir People's National…

17 hours ago

Meeting of ASEAN-India Trade in Goods Agreement committee concludes in Delhi

The 6th meeting of the ASEAN-India Trade in Goods Agreement (AITIGA) Joint Committee concluded in…

17 hours ago

US adds 29 Chinese firms to Uyghur Forced Labor Prevention Act Entity list

The US Department of Homeland Security (DHS), on behalf of the Forced Labor Enforcement Task…

17 hours ago

Tibetan Parliament-in-Exile calls for UK’s action on China’s Abuses

A delegation from the Tibetan Parliament-in-Exile (TPiE), led by Speaker Khenpo Sonam Tenphel and accompanied…

18 hours ago

Indian Dornier 228 aircraft flypast on the sidelines of India-CARICOM Summit

On the sidelines of the 2nd India-CARICOM Summit, leaders of the member countries witnessed a…

18 hours ago