Close Menu
Innovation Village | Technology, Product Reviews, Business
    Facebook X (Twitter) Instagram
    Monday, September 1
    • About us
      • Authors
    • Contact us
    • Privacy policy
    • Terms of use
    • Advertise
    • Newsletter
    • Post a Job
    • Partners
    Facebook X (Twitter) LinkedIn YouTube WhatsApp
    Innovation Village | Technology, Product Reviews, Business
    • Home
    • Innovation
      • Products
      • Technology
      • Internet of Things
    • Business
      • Agritech
      • Fintech
      • Healthtech
      • Investments
        • Cryptocurrency
      • People
      • Startups
      • Women In Tech
    • Media
      • Entertainment
      • Gaming
    • Reviews
      • Gadgets
      • Apps
      • How To
    • Giveaways
    • Jobs
    Innovation Village | Technology, Product Reviews, Business
    You are at:Home»Cybercrime»Biden Administration Launches Emergency Taskforce to Address Cyber-attack After Microsoft Hack
    Microsoft

    Biden Administration Launches Emergency Taskforce to Address Cyber-attack After Microsoft Hack

    5
    By Tapiwa Matthew Mutisi on March 9, 2021 Cybercrime, Cybersecurity, Information Technology, Microsoft, Security

    The Biden administration is launching an emergency task force to address an aggressive cyber-attack that has affected hundreds of thousands of Microsoft customers around the world – the second major hacking campaign to hit the US since the election. The first one being the SolarWinds Hack.

    The attack, first reported by security researcher Brian Krebs on 5 March, allowed hackers to access the email accounts of at least 30,000 organizations in the US. These back channels for remote access can affect credit unions, town governments, and small businesses, and have left US officials scrambling to reach victims, with the FBI on Sunday urging them to contact the law enforcement agency.

    The “unusually aggressive” attack infiltrated accounts using tools that give the attackers “total, remote control over affected systems”, cybersecurity experts briefed on the topic told Krebs.

    Microsoft Blames China for Global E-mail Servers, Microsoft Exchange Hack

    On Saturday the Cybersecurity and Infrastructure Security Agency (CISA) encouraged all organizations using Microsoft Exchange to scan devices for vulnerabilities. The breach represents “a significant vulnerability that could have far-reaching impacts”, the White House press secretary, Jen Psaki, said in a press briefing on Friday.

    “First and foremost, this is an active threat,” she said. “We are concerned that there are a large number of victims and are working with our partners to understand the scope of this.” The latest hack comes on the heels of SolarWinds, a separate series of sophisticated attacks attributed to Russia that breached about 100 US companies and nine federal agencies.

    Microsoft said it has seen “no evidence that the actor behind SolarWinds discovered or exploited any vulnerability in Microsoft products and services”. Researchers say the recent hack began as a controlled attack on a few large targets starting in late 2020 and was detected in early January as it developed into a more widespread campaign. Additional attacks are expected from other hackers as the code used to take control of the mail servers spreads.

    The More we Learn About the SolarWinds Hack, the Worse it Looks

    The Biden administration has launched a multi-agency effort initiated by the national security council, that includes the FBI, Cisa and others, the US official said, to determine who has been hacked, what has been done, and how to quickly patch the vulnerabilities.

    Microsoft first issued patches for the attack on Tuesday, but fixing the issue will be more complicated as these patches do not undo the damaged already caused, said Oliver Tavakoli, the chief technology officer at California-based security firm Vectra.

    “Patching their Exchange servers will prevent an attack if their Exchange server has not already been compromised,” Tavakoli said. “But it will not undo the foothold attackers have on an already compromised Exchange server.”

    The European Banking Authority, the European Union’s banking regulator, which gathers and stores swaths of sensitive data about banks and their lending, confirmed on Monday it had been affected. It said it believed the cyber-attack had struck only its email servers and that no data had been obtained. Psaki declined to answer in this weekend’s press conference whether any large US government bodies were affected by the breach, and other targets have not yet been named.

    A person working with the US response told Reuters that the attack had been blamed on a Chinese government-backed actor. Microsoft has also attributed the attack to China. A Chinese government spokesman said the country was not behind the intrusions, according to Reuters.

    The latest hack comes on the heels of SolarWinds, a separate series of sophisticated attacks attributed to Russia that breached about 100 US companies and nine federal agencies. “We continue to see no evidence that the actor behind SolarWinds discovered or exploited any vulnerability in Microsoft products and services,” the company said.

    A Microsoft spokesman said in a statement the company is working closely with Cisa, other government agencies, and security companies to respond to the hack. “The best protection is to apply updates as soon as possible across all impacted systems. We continue to help customers by providing additional investigation and mitigation guidance,” he said. “Impacted customers should contact our support teams for additional help and resources.”

    The most recent Microsoft hack, which one former national security official briefed on the matter called “absolutely massive” in an interview with Wired, may end up being larger than the historically large SolarWinds attack that prompted a congressional hearing this month.

    US Intelligence Confirms SolarWinds Hack Culprits ‘Likely Russian’

    At that hearing, tech executives including Microsoft’s president, Brad Smith, said hacks like these were difficult to address as many organizations do not publicly announce breaches until long after they are discovered. Meanwhile, handling this hack so close to the recent SolarWinds attacks will be difficult for US agencies and Biden administration, said Tavakoli.

    “This hack will compete for the same investigative and remediation resources, so having two such broad attacks occur near the same time places exorbitant strain on the resources,” he said.

    Related

    Biden Administration Cyber-attack CYbersecurity Data Protection Information technology Microsoft Microsoft Exchange Security SolarWinds Hack
    Share. Facebook Twitter Pinterest LinkedIn Email
    Tapiwa Matthew Mutisi
    • Facebook
    • X (Twitter)
    • LinkedIn

    Tapiwa Matthew Mutisi has been covering blockchain technology, intelligent technologies, cryptocurrency, cybersecurity, telecommunications technology, sustainability, autonomous vehicles, and other topics for Innovation Village since 2017. In the years since, he has published over 4,000 articles — a mix of breaking news, reviews, helpful how-tos, industry analysis, and more. | Open DM on Twitter @TapiwaMutisi

    Related Posts

    Somalia launches e-visa platform to modernize travel and strengthen border security

    Google Breach Exposes 2.5 Billion Gmail Users to Surge in Scams

    NDPC Launches Probe into 1,369 Nigerian Companies Over Data Privacy Violations

    5 Comments

    1. Pingback: Microsoft Email Hack Attacks Thousands of Businesses Around the Globe | Innovation Village | Technology, Product Reviews, Business

    2. Pingback: How Microsoft Hack Endangers you and me? | Innovation Village | Technology, Product Reviews, Business

    3. Pingback: Bitcoin Plunges Below $50,000 in Worst Week in Two Months | Innovation Village | Technology, Product Reviews, Business

    4. Pingback: Apple sues Israeli spyware firm NSO Group for targeting its users - Innovation Village | Technology, Product Reviews, Business

    5. Pingback: Biden Administration blacklists more Chinese tech firms citing national security - Innovation Village | Technology, Product Reviews, Business

    Leave A Reply Cancel Reply

    You must be logged in to post a comment.

    Copyright ©, 2013-2024 Innovation-Village.com. All Rights Reserved

    Type above and press Enter to search. Press Esc to cancel.