The scale of a hack on Microsoft Exchange is beginning to emerge, with tens of thousands of organisation’s potentially compromised.
The attack used previously unknown flaws in the email software – and sometimes stolen passwords – to steal data from targets’ networks.
Microsoft says the attackers are “state-sponsored and operating out of China”.
And while it initially thought the number of attacks had been “limited”, it has since reported “increased use” of the tactics – probably because other hackers are piling in to take advantage of the now public vulnerabilities before systems are patched.
All this comes hard on the heels of the SolarWinds cyber-campaign, linked to Russia, that affected multiple US government departments and other organisations.
This time round, the companies and other bodies affected are apparently of less strategic importance. But even so, the two attacks put the new Biden administration under pressure to respond.
And weary cyber-defenders say events are not just escalating but spiralling out of control. Both Russia and China have denied any involvement.
US national security adviser Jake Sullivan tweeted the White House was “closely tracking” reports of the latest breach, a sign the administration wants to be seen to be taking the issue seriously. One US senator has described the SolarWinds attack as an “act of war”.
Others have disagreed. But it illustrates how rhetoric about cyber-campaigns is escalating, heightening pressure for tough action. Although, it is unclear what effective options the president has. And there are concerns his administration has boxed itself in with tough talk when it is unclear if it can actually deter adversaries.
The New York Times has reported US officials have said the “first move”, in the “coming weeks”, will be a series of clandestine actions on Russian networks. These are likely to be coupled with economic sanctions and some kind of public attribution.
Telegraphing plans for clandestine attacks may seem a little odd. But part of the point is to be seen to be responding. “It is just an excuse to do nothing but look tough,” one cyber-security veteran says. For its part, the UK is preparing to launch its own security-and-defence review, in which China is expected to feature.
It has said less than the US about the latest hack, although it is investigating its impact…
Read the full story at BBC News