Microsoft server hack has victims hustling to stop intruders
Associated PressBOSTON — Victims of a massive global hack of Microsoft email server software — estimated in the tens of thousands by cybersecurity responders — hustled Monday to shore up infected systems and try to diminish chances that intruders might steal data or hobble their networks. “I would say it’s a serious economic security threat because so many small companies out there can literally have their business destroyed through a targeted ransomware attack,” said Dmitri Alperovitch, former chief technical officer of the cybersecurity firm CrowdStrike. “It was essentially a skeleton key to open up any company that had this Microsoft product installed.” Asked for comment, the Chinese embassy in Washington pointed to remarks last week from Foreign Ministry spokesperson Wang Wenbin saying that China “firmly opposes and combats cyber attacks and cyber theft in all forms” and cautioning that attribution of cyberattacks should be based on evidence and not “groundless accusations.” The hack did not affect the cloud-based Microsoft 365 email and collaboration systems favored by Fortune 500 companies and other organizations that can afford quality security. Tony Cole of Attivo Networks said the huge number of potential victims creates a perfect “smokescreen” for nation-state hackers to hide a much smaller list of intended targets by tying up already overstretched cybersecurity officials. Steven Adair of the cybersecurity firm Volexity, which alerted Microsoft to the initial intrusion, described a “mass, indiscriminate exploitation” that began the weekend before the patch was released and included groups from “many different countries, criminal actors.” The Cybersecurity Infrastructure and Security Agency issued an urgent alert on the hack last Wednesday and National Security Adviser Jake Sullivan tweeted about it Thursday evening.