Cyber Security Specialists postulated the campaign corrupted computer servers by exploiting newly found vulnerabilities in Microsoft Exchange applications.
According to a computer security specialist, no less than 30,000 US organizations, including local governments, have been hacked in recent days by an “unusually aggressive” Chinese cyber-espionage campaign.
Campaign abused bugs in Microsoft Exchange applications, stealing emails and infecting network servers employing tools allowing attackers to control remotely, Brian Krebs said in a post on his cybersecurity news blog.
Jennifer Psaki-White House spokeswoman- when asked about the campaign at a press conference on Friday said that:
“This is an active threat.”
Everyone has to play their part to patch the servers; we’re worried there are many casualties, she said while talking to reporters.
After Microsoft delivered patches for the weaknesses on Tuesday, assaults “drastically ventured up” on servers not yet equipped with security fixes, said Krebs, who referred to anonymous sources acquainted with the circumstance.
Not less than 30,000 associations across the United States in recent days been hacked by a bizarrely forceful Chinese digital hacking activities unit that is centered on taking email from casualty associations,” Krebs wrote in the post.
He reported that insiders said hackers have held onto control of thousands of computer networks worldwide utilizing password-protected software tools into the applications.
Microsoft announced earlier this week that a state-sponsored hacking group based in China is stealing data from business users by leveraging previously undisclosed security vulnerabilities in its Exchange email services.
Microsoft said that the hacking group, named “Hafnium,” is exceptionally talented and highly professional hacking group.
In the past, Hafnium has attacked US-based businesses such as infectious disease researchers, law firms, universities, defense contractors think tanks and non-governmental organizations.
Various hacking groups are likely to launch further attacks, according to sources.
According to a government source, hackers have only used back doors to re-enter and pass through compromised networks in a limited number of cases, potentially fewer than one in ten.
Cheng-Da Tsai, a well-known Taiwanese cyber-researcher, uncovered the first attack vector and disclosed it to Microsoft in January. In a blog post, he mentioned that he was investigating whether the data & information were breached.
However, he didn’t disclose any further information.