Updated March 6, 2021 9:56 p.m ET
A cyberattack on Microsoft Corp.’s Outlook email software is believed to have infected tens of thousands of businesses, government offices and schools in the U.S., according to people briefed on the matter.
Many of those victims of the attack, which Microsoft has said was carried out by a network of suspected Chinese hackers, appear to be small businesses and state and local governments.
Estimates of total world-wide victims were approximate and ranged broadly as of Friday. Tens of thousands of customers appear to have been.
CISA, the U.S.’s primary defensive cybersecurity agency, rarely exercises its authority to demand that the entire U.S. government take steps to protect its cybersecurity.
The move was necessary, the agency said, because the Exchange hackers are able “to gain persistent system access.” All government agencies have until noon Friday to download the latest software update.
In a separate blog post, Microsoft Vice President Tom Burt wrote that the hackers have recently spied on a wide range of American targets, including disease researchers, law firms and defense contractors.
Burt added that the company had seen no evidence that individual consumers were targeted but emphasized that the hacker group has previously targeted “infectious disease researchers, law firms, higher education institutions, defense contractors, policy think tanks and NGOs.”
Contacted by email, a spokesperson for the Chinese Embassy in Washington referred to recent comments by spokesperson Wang Wenbin.
“China has reiterated on multiple occasions that given the virtual nature of cyberspace and the fact that there are all kinds of online actors who are difficult to trace, tracing the source of cyber attacks is a complex technical issue,” Wang said.
“We hope that relevant media and company will adopt a professional and responsible attitude and underscore the importance to have enough evidence when identifying cyber-related incidents, rather than make groundless accusations.”
There was no immediate indication that the hack had led to significant exploitation of government computer networks. But the announcement marks the second time in recent months that the U.S. has scrambled to address a widespread hacking campaign believed to be the work of foreign government spies.
The U.S. is still sussing out the damage after hackers suspected of being Russian broke into a software management company, SolarWinds, and used the breach to hack nine federal agencies and about 100 private companies, White House deputy national security adviser Anne Neuberger said in February.
TELEGRAM LINK BELOW
