Breaking News
0
Ad-Free Version. Upgrade your Investing.com experience. Save up to 40% More details

More than 20,000 U.S. organizations compromised through Microsoft flaw

TechnologyMar 06, 2021 06:30AM ET
Saved. See Saved Items.
This article has already been saved in your Saved Items
 
© Reuters. FILE PHOTO: Microsoft logo on an office building in New York

By Joseph Menn, Raphael Satter and Trevor Hunnicutt

WASHINGTON (Reuters) - More than 20,000 U.S. organizations have been compromised through a back door installed via recently patched flaws in Microsoft Corp (NASDAQ:MSFT)'s email software, a person familiar with the U.S. government's response said on Friday.

The hacking has already reached more places than all of the tainted code downloaded from SolarWinds Corp, the company at the heart of another massive hacking spree uncovered in December.

The latest hack has left channels for remote access spread among credit unions, town governments and small businesses, according to records from the U.S. investigation.

Tens of thousands of organizations in Asia and Europe are also affected, the records show.

The hacks are continuing despite emergency patches issued by Microsoft on Tuesday.

Microsoft, which had initially said the hacks consisted of "limited and targeted attacks," declined to comment on the scale of the problem on Friday but said it was working with government agencies and security companies to provide help to customers.

It added, "impacted customers should contact our support teams for additional help and resources."

One scan of connected devices showed only 10% of those vulnerable had installed the patches by Friday, though the number was rising.

Because installing the patch does not get rid of the back doors, U.S. officials are racing to figure out how to notify all the victims and guide them in their hunt.

All of those affected appear to run Web versions of email client Outlook and host them on their own machines, instead of relying on cloud providers. That may have spared many of the biggest companies and federal government agencies, the records suggest.

The federal Cybersecurity and Infrastructure Security Agency did not respond to a request for comment.

Earlier on Friday, White House press secretary Jen Psaki told reporters that the vulnerabilities found in Microsoft's widely used Exchange servers were "significant," and "could have far-reaching impacts."

"We're concerned that there are a large number of victims," Psaki said.

Microsoft and the person working with the U.S. response blamed the initial wave of attacks on a Chinese government-backed actor. A Chinese government spokesman said the country was not behind the intrusions.

What started as a controlled attack late last year against a few classic espionage targets grew last month to a widespread campaign. Security officials said that implied that unless China had changed tactics, a second group may have become involved.

More attacks are expected from other hackers as the code used to take control of the mail servers spreads.

The hackers have only used the back doors to re-enter and move around the infected networks in a small percentage of cases, probably less than 1 in 10, the person working with the government said.

"A couple hundred guys are exploiting them as fast as they can," stealing data and installing other ways to return later, he said.

The initial avenue of attack was discovered by prominent Taiwanese cyber researcher Cheng-Da Tsai, who said he reported the flaw to Microsoft in January. He said in a blog post that he was investigating whether the information leaked.

He did not respond to requests for further comment.

More than 20,000 U.S. organizations compromised through Microsoft flaw
 

Related Articles

Add a Comment

Comment Guidelines

We encourage you to use comments to engage with users, share your perspective and ask questions of authors and each other. However, in order to maintain the high level of discourse we’ve all come to value and expect, please keep the following criteria in mind: 

  • Enrich the conversation
  • Stay focused and on track. Only post material that’s relevant to the topic being discussed.
  • Be respectful. Even negative opinions can be framed positively and diplomatically.
  •  Use standard writing style. Include punctuation and upper and lower cases.
  • NOTE: Spam and/or promotional messages and links within a comment will be removed
  • Avoid profanity, slander or personal attacks directed at an author or another user.
  • Don’t Monopolize the Conversation. We appreciate passion and conviction, but we also believe strongly in giving everyone a chance to air their thoughts. Therefore, in addition to civil interaction, we expect commenters to offer their opinions succinctly and thoughtfully, but not so repeatedly that others are annoyed or offended. If we receive complaints about individuals who take over a thread or forum, we reserve the right to ban them from the site, without recourse.
  • Only English comments will be allowed.

Perpetrators of spam or abuse will be deleted from the site and prohibited from future registration at Investing.com’s discretion.

Write your thoughts here
 
Are you sure you want to delete this chart?
 
Post
Post also to:
 
Replace the attached chart with a new chart ?
1000
Your ability to comment is currently suspended due to negative user reports. Your status will be reviewed by our moderators.
Please wait a minute before you try to comment again.
Thanks for your comment. Please note that all comments are pending until approved by our moderators. It may therefore take some time before it appears on our website.
Comments (11)
Bj Is
Bj Is Mar 06, 2021 7:17AM ET
Saved. See Saved Items.
This comment has already been saved in your Saved Items
this was deep green in friday ? right
Ambrose Ho
Ambrose Ho Mar 06, 2021 6:59AM ET
Saved. See Saved Items.
This comment has already been saved in your Saved Items
When Xi install Windows, MSFT accept the terms and conditions.
Viking Fire
Viking Fire Mar 06, 2021 1:32AM ET
Saved. See Saved Items.
This comment has already been saved in your Saved Items
The problem with china is their government tells them what they are allowed and not allowed to think. Because or this, they will never innovate more than their dear leader can understand and cope with. This is why they are a country stuck copying everyone else.
Gary SKY saw
Gary SKY saw Mar 06, 2021 12:43AM ET
Saved. See Saved Items.
This comment has already been saved in your Saved Items
Only Russian and China are hackers.. Easy target.. Blame your grandma...
TL Chan
TL Chan Mar 05, 2021 10:43PM ET
Saved. See Saved Items.
This comment has already been saved in your Saved Items
I should have not bought this stock at the first place. This company with Cisco helped CCP building its great wall of internet! Shame on it, shame on myself have not dumped this stock earlier!
TL Chan
TL Chan Mar 05, 2021 10:41PM ET
Saved. See Saved Items.
This comment has already been saved in your Saved Items
As now awaken, MSFT is not trustable. Have to dump the stocks next Monday ! Never turn back! It is finally my tolerance towards his company come to a broken point!
David David
David9 Mar 05, 2021 10:25PM ET
Saved. See Saved Items.
This comment has already been saved in your Saved Items
I don't believe this... if they say it is a hack, they need to show us the log so we can decide for our self, if not then anyone can say there is a hack...
Mark Henline
Mark Henline Mar 05, 2021 9:35PM ET
Saved. See Saved Items.
This comment has already been saved in your Saved Items
and another plug for crooked blockchain
Kelly Mayer
Kelly Mayer Mar 05, 2021 9:19PM ET
Saved. See Saved Items.
This comment has already been saved in your Saved Items
i'd say it's time to take our money off any digital channels, before they hack our accounts away from us, on a global scale. Or implement a draconian measure said to prevent that, but rob us of something vital freedom related in the process. Next great crisis coming, the hacking of worldwide bank accounts. There will have to be at least one major credit company wiped clean for this to work. But if major credit institutions are already hacked, then it's probably going to be a global one time hack, without warning. Though this would create too much chaos... global hacks on a grand scale through Microsoft, the vaccine, climate change and synthetic meat fanatic's original company. How much unchecked power is one person allowed to have? what pevents them from developing a delusional or genocidal messiah complex?
ZS Beck
ZS Beck Mar 05, 2021 8:10PM ET
Saved. See Saved Items.
This comment has already been saved in your Saved Items
How the ****the stock price was positive today, can't even provide security.
Felipe Daniel
Felipe Daniel Mar 05, 2021 6:15PM ET
Saved. See Saved Items.
This comment has already been saved in your Saved Items
Bill Gates is too busy trying to poison people with his pharma
 
Are you sure you want to delete this chart?
 
Post
 
Replace the attached chart with a new chart ?
1000
Your ability to comment is currently suspended due to negative user reports. Your status will be reviewed by our moderators.
Please wait a minute before you try to comment again.
Add Chart to Comment
Confirm Block

Are you sure you want to block %USER_NAME%?

By doing so, you and %USER_NAME% will not be able to see any of each other's Investing.com's posts.

%USER_NAME% was successfully added to your Block List

Since you’ve just unblocked this person, you must wait 48 hours before renewing the block.

Report this comment

I feel that this comment is:

Comment flagged

Thank You!

Your report has been sent to our moderators for review
Disclaimer: Fusion Media would like to remind you that the data contained in this website is not necessarily real-time nor accurate. All CFDs (stocks, indexes, futures) and Forex prices are not provided by exchanges but rather by market makers, and so prices may not be accurate and may differ from the actual market price, meaning prices are indicative and not appropriate for trading purposes. Therefore Fusion Media doesn`t bear any responsibility for any trading losses you might incur as a result of using this data.

Fusion Media or anyone involved with Fusion Media will not accept any liability for loss or damage as a result of reliance on the information including data, quotes, charts and buy/sell signals contained within this website. Please be fully informed regarding the risks and costs associated with trading the financial markets, it is one of the riskiest investment forms possible.
Continue with Google
or
Sign up with Email