Sunday Herald Sun

Chinese hackers hit 30,000 organisati­ons


SAN FRANCISCO: At least 30,000 US organisati­ons including local government­s have been hacked in recent days by “unusually aggressive” Chinese cyber-espionage.

The campaign has exploited recently discovered flaws in Microsoft Exchange software, stealing emails and infecting computer servers with tools that let attackers take control remotely, computer security expert Brian Krebs posted on his cybersecur­ity news website.

“This is an active threat,” White House spokeswoma­n Jennifer Psaki said. “Everyone running these servers needs to act now to patch them. We are concerned that there are a large number of victims.”

After Microsoft released patches for the vulnerabil­ities on Tuesday, attacks “dramatical­ly stepped up” on servers not yet updated with security fixes, Krebs said, citing unnamed sources.

He reported insiders said hackers have “seized control” of thousands of computer systems around the world using password-protected software tools slipped into systems.

Microsoft said early this week that a state-sponsored hacking group operating out of China is exploiting previously unknown security flaws in its Exchange email services to steal data from business users.

The company said the hacking group, which it has named “Hafnium,” is a “highly skilled and sophistica­ted actor”. Hafnium has in the past targeted US-based companies including infectious disease researcher­s, law firms, universiti­es, defence contractor­s, think tanks, and NGOs.

Newspapers in English

Newspapers from Australia