Connect with us

Global Banking and Finance Review is an online platform offering news, analysis, and opinion on the latest trends, developments, and innovations in the banking and finance industry worldwide. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website. .

Technology

More than 20,000 U.S. organizations compromised through Microsoft flaw -source

2021 03 05T172541Z 1 LYNXNPEH24176 RTROPTP 4 USA CYBER MICROSOFT - Global Banking | Finance

By Joseph Menn, Raphael Satter and Trevor Hunnicutt

WASHINGTON (Reuters) – More than 20,000 U.S. organizations have been compromised through a back door installed via recently patched flaws in Microsoft Corp’s email software, a person familiar with the U.S. government’s response said on Friday.

The hacking has already reached more places than all of the tainted code downloaded from SolarWinds Corp, the company at the heart of another massive hacking spree uncovered in December.

The latest hack has left channels for remote access spread among credit unions, town governments and small businesses, according to records from the U.S. investigation.

Tens of thousands of organizations in Asia and Europe are also affected, the records show.

The hacks are continuing despite emergency patches issued by Microsoft on Tuesday.

Microsoft, which had initially said the hacks consisted of “limited and targeted attacks,” declined to comment on the scale of the problem on Friday but said it was working with government agencies and security companies to provide help to customers.

It added, “impacted customers should contact our support teams for additional help and resources.”

One scan of connected devices showed only 10% of those vulnerable had installed the patches by Friday, though the number was rising.

Because installing the patch does not get rid of the back doors, U.S. officials are racing to figure out how to notify all the victims and guide them in their hunt.

All of those affected appear to run Web versions of email client Outlook and host them on their own machines, instead of relying on cloud providers. That may have spared many of the biggest companies and federal government agencies, the records suggest.

The federal Cybersecurity and Infrastructure Security Agency did not respond to a request for comment.

Earlier on Friday, White House press secretary Jen Psaki told reporters that the vulnerabilities found in Microsoft’s widely used Exchange servers were “significant,” and “could have far-reaching impacts.”

“We’re concerned that there are a large number of victims,” Psaki said.

Microsoft and the person working with the U.S. response blamed the initial wave of attacks on a Chinese government-backed actor. A Chinese government spokesman said the country was not behind the intrusions.

What started as a controlled attack late last year against a few classic espionage targets grew last month to a widespread campaign. Security officials said that implied that unless China had changed tactics, a second group may have become involved.

More attacks are expected from other hackers as the code used to take control of the mail servers spreads.

The hackers have only used the back doors to re-enter and move around the infected networks in a small percentage of cases, probably less than 1 in 10, the person working with the government said.

“A couple hundred guys are exploiting them as fast as they can,” stealing data and installing other ways to return later, he said.

The initial avenue of attack was discovered by prominent Taiwanese cyber researcher Cheng-Da Tsai, who said he reported the flaw to Microsoft in January. He said in a blog post that he was investigating whether the information leaked.

He did not respond to requests for further comment.

(Reporting by Raphael Satter and Trevor Hunnicutt in Washington and Joseph Menn in San Francisco; Editing by Matthew Lewis and Rosalba O’Brien)

Global Banking & Finance Review

 

Why waste money on news and opinions when you can access them for free?

Take advantage of our newsletter subscription and stay informed on the go!


By submitting this form, you are consenting to receive marketing emails from: Global Banking & Finance Review │ Banking │ Finance │ Technology. You can revoke your consent to receive emails at any time by using the SafeUnsubscribe® link, found at the bottom of every email. Emails are serviced by Constant Contact

Recent Post