At least 30,000 US organizations, including local governments, have been hacked in the past few days by an “unusually aggressive” Chinese cyberespionage campaign, a computer security specialist said.
The campaign has exploited recently discovered flaws in Microsoft Exchange software, stealing e-mails and infecting computer servers with tools that allow attackers to take control remotely, Brian Krebs said in a post on his cybersecurity news Web site.
“This is an active threat,” White House spokeswoman Jennifer Psaki said when asked about the situation during a press briefing.
“Everyone running these servers needs to act now to patch them. We are concerned that there are a large number of victims,” she added.
After Microsoft released patches for the vulnerabilities on Tuesday, attacks “dramatically stepped up” on servers not yet updated with security fixes, said Krebs, who cited unnamed sources familiar with the situation.
“At least 30,000 organizations across the United States — including a significant number of small businesses, towns, cities and local governments — have over the past few days been hacked by an unusually aggressive Chinese cyberespionage unit that’s focused on stealing e-mail from victim organizations,” Krebs wrote in the post.
He reported that insiders said hackers have “seized control” of thousands of computer systems around the world using password-protected software tools slipped into systems.
Microsoft said early this week that a state-sponsored hacking group operating out of China is exploiting previously unknown security flaws in its Exchange e-mail services to steal data from business users.
The company said that the hacking group, which it has named “Hafnium,” is a “highly skilled and sophisticated actor.”
Hafnium has in the past targeted US-based companies, including infectious disease researchers, law firms, universities, defense contractors, think tanks and non-governmental organizations.
In a blog post on Tuesday, Microsoft executive Tom Burt said the company had released updates to fix the security flaws, which apply to on-premises versions of the software rather than cloud-based versions, and urged customers to apply them.
“We know that many nation-state actors and criminal groups will move quickly to take advantage of any unpatched systems,” he added at the time.
Microsoft said the group was based in China, but operated through leased virtual private servers in the US, and that it had briefed the US government.
Beijing has previously hit back at US accusations of state-sponsored cybertheft. Last year, it accused Washington of a smear campaign, following allegations that Chinese hackers were attempting to steal COVID-19 research.
In January, US intelligence and law enforcement agencies said that Russia was probably behind the massive SolarWinds hack that shook the government and corporate security, contradicting then-US president Donald Trump, who had suggested that China could be to blame.
Microsoft said that the Hafnium attacks “were in no way connected to the separate SolarWinds-related attacks.”
AIMED AT TAIWAN? Institute for National Defense and Security Research research fellow Ou Si-fu said chips can be ‘bought off the shelf’ and then used in weapons The Ministry of Economic Affairs (MOEA) yesterday said that chips from Taiwanese semiconductor companies were not making their way into Chinese missiles “to the best of our knowledge.” A report in yesterday’s Washington Post alleged that a Chinese company named Phytium Technology Co (飛騰) used chips made by Taiwan Semiconductor Manufacturing Co (TSMC, 台積電), along with US software, in advanced Chinese military systems. “TSMC has long placed strict controls on their chips. The export of high-tech products from Taiwan is also highly regulated,” Minister of Economic Affairs Wang Mei-hua (王美花) said. “According to our understanding, none of the end uses for those products
HEATED TRAFFIC: As Beijing holds naval drills near Taiwan, the Ministry of National Defense said it had a full grasp of the situation and would handle it ‘appropriately’ A Chinese carrier group exercising near Taiwan is part of what are to be regular drills, the Chinese navy said in a statement late on Monday, further escalating tensions between Taipei and Beijing. The group, including the aircraft carrier Liaoning, was conducting “routine” drills in the waters around Taiwan, a move to “enhance its capability to safeguard national sovereignty, safety and development interests,” the statement said. “Similar exercises will be conducted regularly,” it said, without elaborating. The statement came after the Ministry of National Defense earlier on Monday issued a statement regarding a rise in the number of incursions by Chinese jets into
NO TIME: The driver tried to apply the brakes when he saw the truck, but the train did not have time to come to a full stop, an investigation report said The crane truck that caused last week’s fatal train accident had slid onto the tracks about one-and-a-half minutes before it was struck, the Taiwan Transportation Safety Board said yesterday. The board had launched an investigation into the derailment, which killed 50 people and injured 211 people, making it the nation’s most devastating railway accident in decades. Carrying 494 passengers and four Taiwan Railways Administration personnel, the southbound express train to Taitung hit the truck as it was about to enter the Cingshuei Tunnel (清水隧道) in Hualien’s Sioulin Township (秀林). The train derailed following the collision, with the left side of the eighth
‘IMPORTANT PARTNER’: The new guidelines aim to encourage US engagement with Taiwan, which reflects a deepening relationship, the US Department of State said The US Department of State on Friday issued new guidelines governing US officials’ interactions with their Taiwanese counterparts, a move welcomed by Taipei as turning a new page in bilateral relations. Shortly before leaving office, then-US secretary of state Mike Pompeo on Jan. 9 announced the cancelation of previous contact guidelines, which he said were “self-imposed restrictions” that attempted to appease the Chinese Communist Party regime in Beijing. However, the status of the guidelines has been unclear since US President Joe Biden entered the White House. Asked about the issue during a legislative session on Thursday, Minister of Foreign Affairs Joseph Wu