It was impossible to miss news of the massive SolarWinds cyberattack that occurred late last year. Countless organizations were affected by it and the extent of the hack is still being investigated. Now, another widescale attack has been discovered.
According to well-known cybersecurity journalist Brain Krebs, multiple vulnerabilities in Microsoft’s Exchange Server software have put 30,000 organizations at risk. U.S. government divisions and commercial businesses alike seem to be affected by the attack.
Authorities and the involved organizations are scrambling to determine how severe the attack is and how their systems may be affected.
Typically, a successful cyberattack only targets one organization or a group that is connected by the same network infrastructure. Attacks like the ones targeting SolarWinds and Exchange Server reveal how third-party software can pose a serious security risk. Since those applications are deeply ingrained in a company’s network, they can cause major problems if they are compromised.
Krebs notes that the recent attack gave hackers total control over the systems of affected companies and organizations. In response, Microsoft offered emergency security updates on March 2 to try and stop the hackers from stealing further data.
However, experts later found a password-protected hacking tool called a web shell on the affected systems. This allows the hackers to regain remote control and administrative access at a later date.
In a tweet on Friday, former Cybersecurity and Infrastructure Agency (CISA) head Chris Krebs (not related to Brain Krebs) said, “This is a crazy huge hack. The numbers I’ve heard dwarf what’s reported here & by my brother from another mother (@briankrebs). Why, though? Is this a flex in the early days of the Biden admin to test their resolve? Is it an out of control cybercrime gang? Contractors gone wild?”
This is a crazy huge hack. The numbers I've heard dwarf what's reported here & by my brother from another mother (@briankrebs). Why, though? Is this a flex in the early days of the Biden admin to test their resolve? Is it an out of control cybercrime gang? Contractors gone wild? pic.twitter.com/cA4lkS4stg
— Chris Krebs (@C_C_Krebs) March 6, 2021
At this point, the motivations behind the attack remain unclear.
More to Come
Those who followed the SolarWinds saga know that there are always more details being unveiled in the wake of a massive cyberattack. History is likely to repeat itself following this event.
At the time of this writing, an official list of the affected companies and organizations hasn’t been released. Until that happens, it’s impossible to grasp the full extent of the attack and what fallout could occur as a result. Nonetheless, it appears that the hack has far-reaching and very serious effects.
In the meantime, Microsoft is working with authorities to investigate the attack. A company spokesperson said that it is “working closely with CISA, other government agencies, and security companies, to ensure we are providing the best possible guidance and mitigation for our customers.”
Microsoft goes on to recommend that anyone using its Exchange Server software should apply the updates it rolled out as soon as possible.