Friday, March 19, 2021

The SolarWinds Hack Was Not The Worst

Yesterday I listened to a most fascinating and enlightening podcast from the FT of London. It was an interview with their resident cybersecurity expert. I have always assumed that the hack by Russian intelligence operatives of SolarWinds was the most damaging hack in US history. The resident expert discussed this hack in detail. He dismissed it as a routine matter. He said: "Do not be too concerned. Retaliation is not required."

He then turned to the Chinese hack of Microsoft. He said this was a much more serious and irresponsible hack. He said that it caused much more damage. He called for retaliation.

There is a saying in English: "Speak of the devil." I got this warning early this morning from one of my computer-security services as follows:

Lookout Breach Report

At least 30,000 organizations hacked in a massive breach of Microsoft Exchange email software

 

Starting in January 2021, cyberattacks exploited four vulnerabilities in on-premises Microsoft Exchange Servers, which provided hackers with full access to user emails and passwords, administrator privileges, and broader access to devices on the network. On March 12, Microsoft announced that a new family of ransomware is being deployed to servers initially infected, encrypting all files, making the servers inoperable and demanding payment to reverse the damage. At least 30,000 organizations across the United States — including a significant number of small businesses, towns, cities and local governments — have over the past few days been hacked. Microsoft said a Chinese hacking crew called ‘Hafnium’ is responsible for the attack and continues to target email systems used by a range of industry sectors, including infectious disease researchers, law firms, higher education institutions, defense contractors, policy think tanks, and NGOs.

 

Read More: https://krebsonsecurity.com/2021/03/at-least-30000-u-s-organizations-newly-hacked-via-holes-in-microsofts-email-software/

Next Steps:

Potentially affected customers should apply the security patches released by Microsoft and exercise incident response to mitigate risk and remediate any damage. Organizations should also evaluate their cybersecurity defense to ensure they have comprehensive endpoint-to-cloud protection in place.

 

Breach occurred on March 2021
