San Diego Union-Tribune

MICROSOFT: CHINA-BASED HACKERS FOUND BUG

Targeting American firms, universiti­es and contractor­s

- BY MATT O’BRIEN O’Brien writes for The Associated Press.

China-based government hackers have exploited a bug in Microsoft’s email server software to target U.S. organizati­ons, the company said Tuesday.

Microsoft said that a “highly skilled and sophistica­ted” state-sponsored group operating from China has been trying to steal informatio­n from a number of American targets, including universiti­es, defense contractor­s, law firms and infectious-disease researcher­s.

Microsoft said it has released security upgrades to fix the vulnerabil­ities to its Exchange Server software, which is used for work email and calendar services, mostly for larger organizati­ons that have their own inperson email servers. It doesn’t affect personal email accounts or Microsoft’s cloud-based services.

The company said the hacking group it calls Hafnium was able to trick Exchange servers into allowing it to gain access. The hackers then masquerade­d as someone who should have access and created a way to control the server remotely so that they could steal data from an organizati­on’s network.

Microsoft said the group is based in China but operates from leased virtual private servers in the U.S., helping it avoid detection.

The company based in Redmond, Wash., declined to name any specific targets or say how many organizati­ons were affected.

Reston, Virginia-based cybersecur­ity firm Volexity, which Microsoft credits for helping to detect the intrusions, said its network security monitoring service began picking up on a suspicious­ly large data transfer in late January.

“They’re just downloadin­g email, literally going to town,” said Steven Adair, Volexity’s president, who said the targets have included “defense contractor­s, internatio­nal aid and developmen­t organizati­ons, the NGO think-tank community.”

Adair said he’s concerned that the hackers will accelerate their activity in the coming days before organizati­ons are able to install Microsoft’s security upgrades.

“As bad as it is now, I think it’s about to get a lot worse,” he said. “This gives them a limited amount of opportunit­y to go and exploit something. The patch isn’t going to fix that if they left their backdoor behind.”

?? ??
?? SAM HODGSON U-T ?? San Diego Mayor Todd Gloria speaks at a news conference announcing the rollout of San Diego Community Power at Harbor Island Park on Monday.
SAM HODGSON U-T San Diego Mayor Todd Gloria speaks at a news conference announcing the rollout of San Diego Community Power at Harbor Island Park on Monday.
?? ??
?? SWAYNE B. HALL AP ?? Microsoft has released security upgrades to fix the vulnerabil­ities to its Exchange Server software.
SWAYNE B. HALL AP Microsoft has released security upgrades to fix the vulnerabil­ities to its Exchange Server software.
?? ??
?? ??

Newspapers in English

Newspapers from United States