A Chinese hacker attack on Microsoft Corp.’s (NASDAQ:MSFT) widely used business email software is escalating into a global cybersecurity crisis as a growing number of computer systems are impacted.
The attack, which Microsoft has said started with a Chinese government-backed hacking group, has so far claimed at least 60,000 known victims globally. Many of the victims appear to be small or medium-sized businesses caught in a wide net the hackers cast as Microsoft worked to shut down the cyberattack.
The European Banking Authority became one of the latest victims as it said Sunday that access to personal data through emails held on Microsoft servers may have been compromised. Others identified so far include banks and electricity providers, as well as senior citizen homes.
The rapidly escalating cyberattack came months after the SolarWinds Corp. (NYSE:SWI) breaches by suspected Russian hackers that drew the attention of U.S. national security officials in part because the latest hackers were able to hit so many victims in rapid succession.
Researchers say in the final phases of the attack, the perpetrators appeared to have automated the process, scooping up tens of thousands of new victims around the world in only a few days.
The U.S. government is preparing to retaliate against the hackers, according to multiple media reports. Security officials in Washington, D.C. are preparing a series of actions across Russian networks -- intended to send a message to Vladimir Putin and his intelligence services -- combined with economic sanctions.
President Joe Biden could also issue an executive order to shore up federal agencies against Chinese and Russian hacking.
The Chinese hacking group, which Microsoft calls Hafnium, appears to have been breaking into private and government computer networks through the company’s popular "Exchange" email software for a number of months, initially targeting only a small number of victims.
The result is a second cybersecurity crisis coming just months after suspected Russian hackers breached nine federal agencies and at least 100 companies through tampered updates from information technology management software maker SolarWinds LLC.
Asked about Microsoft’s attribution of the attack to China, a Chinese foreign ministry spokesman said that the country “firmly opposes and combats cyber attacks and cyber theft in all forms” and suggested that blaming a particular nation was a “highly sensitive political issue.”
Tech Insider