More than 20,000 U.S. organizations compromised through Microsoft flaw

[rooster59]

More than 20,000 U.S. organizations compromised through Microsoft flaw

By Joseph Menn, Raphael Satter and Trevor Hunnicutt

 

FILE PHOTO: A Microsoft logo is seen on an office building in New York City on July 28, 2015. REUTERS/Mike Segar

 

WASHINGTON (Reuters) - More than 20,000 U.S. organizations have been compromised through a back door installed via recently patched flaws in Microsoft Corp's email software, a person familiar with the U.S. government's response said on Friday.

 

The hacking has already reached more places than all of the tainted code downloaded from SolarWinds Corp, the company at the heart of another massive hacking spree uncovered in December.

 

The latest hack has left channels for remote access spread among credit unions, town governments and small businesses, according to records from the U.S. investigation.

 

Tens of thousands of organizations in Asia and Europe are also affected, the records show.

 

The hacks are continuing despite emergency patches issued by Microsoft on Tuesday.

 

Microsoft, which had initially said the hacks consisted of "limited and targeted attacks," declined to comment on the scale of the problem on Friday but said it was working with government agencies and security companies to provide help to customers.

 

It added, "impacted customers should contact our support teams for additional help and resources."

 

One scan of connected devices showed only 10% of those vulnerable had installed the patches by Friday, though the number was rising.

 

Because installing the patch does not get rid of the back doors, U.S. officials are racing to figure out how to notify all the victims and guide them in their hunt.

 

All of those affected appear to run Web versions of email client Outlook and host them on their own machines, instead of relying on cloud providers. That may have spared many of the biggest companies and federal government agencies, the records suggest.

 

The federal Cybersecurity and Infrastructure Security Agency did not respond to a request for comment.

 

Earlier on Friday, White House press secretary Jen Psaki told reporters that the vulnerabilities found in Microsoft's widely used Exchange servers were "significant," and "could have far-reaching impacts."

 

"We're concerned that there are a large number of victims," Psaki said.

 

Microsoft and the person working with the U.S. response blamed the initial wave of attacks on a Chinese government-backed actor. A Chinese government spokesman said the country was not behind the intrusions.

 

What started as a controlled attack late last year against a few classic espionage targets grew last month to a widespread campaign. Security officials said that implied that unless China had changed tactics, a second group may have become involved.

 

More attacks are expected from other hackers as the code used to take control of the mail servers spreads.

 

The hackers have only used the back doors to re-enter and move around the infected networks in a small percentage of cases, probably less than 1 in 10, the person working with the government said.

 

"A couple hundred guys are exploiting them as fast as they can," stealing data and installing other ways to return later, he said.

 

The initial avenue of attack was discovered by prominent Taiwanese cyber researcher Cheng-Da Tsai, who said he reported the flaw to Microsoft in January. He said in a blog post that he was investigating whether the information leaked.

 

He did not respond to requests for further comment.

 

(Reporting by Raphael Satter and Trevor Hunnicutt in Washington and Joseph Menn in San Francisco; Editing by Matthew Lewis and Rosalba O'Brien)

 

-- © Copyright Reuters 2021-03-07

 

- Whatever you're going through, the Samaritans are here for you

- Follow Thaivisa on LINE for breaking COVID-19 updates

 

 

[PatOngo]

15 minutes ago, rooster59 said:

compromised through a back door

Shafted through the back door! Oh well!

[KeeTua]

There are only two types of computer networks, those that know they have been hacked and those that don't yet know they've been hacked.

[thaibeachlovers]

It was, IMO, a sad day when the bodies that govern us allowed MS to become the dominant OS. They are just waking up to the threats caused by facebook and google etc, but not a mention of promoting a better OS than the money making  virtual monopoly of MS. They probably wouldn't allow a single oil company to have a monopoly on fuel, but apparently have no problem with an OS monopoly that runs so much of our lives.

[Iron Tongue]

38 minutes ago, thaibeachlovers said:

It was, IMO, a sad day when the bodies that govern us allowed MS to become the dominant OS. They are just waking up to the threats caused by facebook and google etc, but not a mention of promoting a better OS than the money making  virtual monopoly of MS. They probably wouldn't allow a single oil company to have a monopoly on fuel, but apparently have no problem with an OS monopoly that runs so much of our lives.

Well, you can pretty-much put anyone's gas in your car and it'll drive.

 

Try having 30-50 different operating systems and then send an email to several companies.  Good luck with any documents you want attached!  Now try it internationally!

 

There used to be mutltiple OS', but they fell out of favor due to these issues until MS became the default.  IBM tried to bring them down, but by then, it was too late.

[thaibeachlovers]

35 minutes ago, Iron Tongue said:

Well, you can pretty-much put anyone's gas in your car and it'll drive.

 

Try having 30-50 different operating systems and then send an email to several companies.  Good luck with any documents you want attached!  Now try it internationally!

 

There used to be mutltiple OS', but they fell out of favor due to these issues until MS became the default.  IBM tried to bring them down, but by then, it was too late.

I can put any brand blank CD or DVD in my machine and copy something on it, then ( have to finalize DVDs, but not CDs ) look at the result on any brand machine.

IMO your argument is faulty. Doesn't MS  and Apple have different OS but I can post e mail from one to the other?

[simple1]

6 minutes ago, thaibeachlovers said:

I can put any brand blank CD or DVD in my machine and copy something on it, then ( have to finalize DVDs, but not CDs ) look at the result on any brand machine.

IMO your argument is faulty. Doesn't MS  and Apple have different OS but I can post e mail from one to the other?

 

Corporate and government is Microsoft's largest revenue market, ask yourself why corporate and government usually standardise Microsoft OS / apps across their desktop  platforms.

[thaibeachlovers]

Just now, simple1 said:

 

Corporate and government is Microsoft's largest revenue market, ask yourself why corporate and government usually standardise Microsoft OS / apps across their desktop  platforms.

Pity they can't stop getting hacked then!

I hate MS 10, but I'm too poor to go Apple and they don't support 7 anymore. Even XP was better than 10 for what I do.

[simple1]

4 minutes ago, thaibeachlovers said:

Pity they can't stop getting hacked then!

I hate MS 10, but I'm too poor to go Apple and they don't support 7 anymore. Even XP was better than 10 for what I do.

 

hack more than likely due to poor security architecture in the comms / server gateways

 

"All of those affected appear to run Web versions of email client Outlook and host them on their own machines, instead of relying on cloud providers"

Edited March 7, 2021 by simple1

[bendejo]

1 hour ago, simple1 said:

"All of those affected appear to run Web versions of email client Outlook and host them on their own machines, instead of relying on cloud providers"

 

Outlook and the rest of the MSOffice suite is, for now in its third decade, the security weak spot and it's also their flagship application.  Not good when all those words appear in the same sentence.

 

 

[Iron Tongue]

6 hours ago, thaibeachlovers said:

I can put any brand blank CD or DVD in my machine and copy something on it, then ( have to finalize DVDs, but not CDs ) look at the result on any brand machine.

IMO your argument is faulty. Doesn't MS  and Apple have different OS but I can post e mail from one to the other?

Well, you're 25+ years late on the arguement.

 

Remember back in the 90's if you wanted to add a CD player to your computer and it wouldn't work until you manually used the included disk to install the correct driver to your system?  Same for a keyboard, mouse, any new hardware.

 

This was needed because of multiple OS' that HW manufacturers had to deal with.  They needed people to write drivers for each OS & version to make their HW compatible.  It didn't always work and one may discover their new keyboard or monitor was incompatible with their system.  Lots of <deleted>-off owners back then.

 

Eventually MS started adding drivers into their OS, or made it auto-downloadable on their support site.  MS could do this because they had the clout to force HW vendors to operate within their OS library, which became the standard.

 

The other OS companies such as IBM Warp eventually got dumped as not worthwhile to support, etc.  So nowadays we pretty-much have MS on top, with Apple and Linux as me-toos. 

 

 

 

 

[thaibeachlovers]

On 3/8/2021 at 6:55 PM, Iron Tongue said:

Well, you're 25+ years late on the arguement.

 

Remember back in the 90's if you wanted to add a CD player to your computer and it wouldn't work until you manually used the included disk to install the correct driver to your system?  Same for a keyboard, mouse, any new hardware.

 

This was needed because of multiple OS' that HW manufacturers had to deal with.  They needed people to write drivers for each OS & version to make their HW compatible.  It didn't always work and one may discover their new keyboard or monitor was incompatible with their system.  Lots of <deleted>-off owners back then.

 

Eventually MS started adding drivers into their OS, or made it auto-downloadable on their support site.  MS could do this because they had the clout to force HW vendors to operate within their OS library, which became the standard.

 

The other OS companies such as IBM Warp eventually got dumped as not worthwhile to support, etc.  So nowadays we pretty-much have MS on top, with Apple and Linux as me-toos. 

 

 

 

 

You are correct, far as I know, but that still doesn't make W10 a better OS than W7 for people like me. IMO the entire MS business plan is to force people to buy new OS even when they are satisfied with the present one and that is only possible because they have a virtual monopoly.