WASHINGTON (Reuters) – The hackers behind the powerful suite of digital intrusion tools exposed this week have racked up a worrying death toll, the White House said on Friday, the latest indication that the cyber espionage campaign targeting email software Microsoft Corp’s Exchange poses a serious problem. threat.
“This is a significant vulnerability that could have far-reaching impacts,” White House press secretary Jen Psaki told reporters. “We are concerned that there are a large number of victims.”
Using tools that exploited four previously unknown vulnerabilities, the supposedly Chinese group that Microsoft calls “Hafnium” has been breaking into email servers since January, extracting information remotely and silently from their inboxes without having to send a single email. malicious email or a fraudulent attachment.
So far, few victims of hackers have gone public. Microsoft said this week that the targets included infectious disease researchers, law firms, institutions of higher education, defense contractors, think tanks, and nongovernmental groups.
On Tuesday, Dell Technologies Secureworks investigators said the pace of thefts began to pick up overnight last Sunday, something others have read as an indication that hackers increased their activity because they knew they were about to break. get exposed.
Much of the activity was concentrated in the United States, but victims have turned up around the world.
Norwegian authorities said they had seen “limited” use of hacking tools in their country. The municipality of Prague and the Czech Ministry of Labor and Social Affairs were among those affected, according to a European cyber official briefed on the matter.
The official said that the ease of exploitation of the technique meant that hackers had effectively enjoyed a “free buffet” since the beginning of the year.
The concern now is that others may be about to join the party.
Although Microsoft has released fixes for the vulnerabilities and the US government, including national security adviser Jake Sullivan, has urged users to update their software, in practice not all are. Meanwhile, hackers are studying solutions to reverse engineer Hafnium tools and hijack them.
Once that happens, experts say, targeting can become even more aggressive.
Reporting by Raphael Satter; Editing by Dan Grebler and David Gregorio