Microsoft server hack hit about 100 organisations, researchers say
Microsoft on Saturday issued an alert about 'active attacks' on self-hosted SharePoint servers, which are widely used by organisations to share documents and collaborate within organisations. SharePoint instances run off of Microsoft servers were unaffected.
Dubbed a 'zero-day' because it leverages a previously undisclosed digital weakness, the hacks allow spies to penetrate vulnerable servers and potentially drop a backdoor to secure continuous access to victim organisations.
Vaisha Bernard, the chief hacker at Eye Security, a Netherlands-based cybersecurity firm, which discovered the hacking campaign targeting one of its clients on Friday, said that an Internet scan carried out with the Shadowserver Foundation had uncovered nearly 100 victims altogether – and that was before the technique behind the hack was widely known.
'It's unambiguous,' Bernard said. 'Who knows what other adversaries have done since to place other backdoors.'
He declined to identify the affected organisations, saying that the relevant national authorities had been notified.
BT in your inbox
Start and end each day with the latest news stories and analyses delivered straight to your inbox.
Sign Up
Sign Up
The Shadowserver Foundation confirmed the 100 figure. It said most of those affected were in the United States and Germany, and the victims included government organisations.
Another researcher said that, so far, the spying appeared to be the work of a single hacker or set of hackers.
'It's possible that this will quickly change,' said Rafe Pilling, director of Threat Intelligence at Sophos, a British cybersecurity firm.
Microsoft said it had 'provided security updates and encourages customers to install them', a company spokesperson said in an e-mailed statement.
It was not clear who was behind the ongoing hack, but Alphabet's Google, which has visibility into wide swaths of Internet traffic, said it tied at least some of the hacks to a 'China-nexus threat actor'.
The Chinese Embassy in Washington did not immediately respond to a message seeking comment; Beijing routinely denies carrying out hacking operations.
The FBI said on Sunday it was aware of the attacks and was working closely with its federal and private-sector partners, but offered no other details. Britain's National Cyber Security Center said in a statement that it was aware of 'a limited number' of targets in the United Kingdom. A researcher tracking the campaign said that the campaign appeared initially aimed at a narrow set of government-related organisations.
The pool of potential targets remains vast. According to data from Shodan, a search engine that helps to identify internet-linked equipment, over 8,000 servers online could theoretically have already been compromised by hackers. Shadowserver put the number at a little more than 9,000, while cautioning that the figure was a minimum.
Those servers include major industrial firms, banks, auditors, healthcare companies, and several US state-level and international government entities.
'The SharePoint incident appears to have created a broad level of compromise across a range of servers globally,' said Daniel Card of British cybersecurity consultancy PwnDefend.
'Taking an assumed breach approach is wise, and it's also important to understand that just applying the patch isn't all that is required here.' REUTERS
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Straits Times
31 minutes ago
- Straits Times
Trump and Starmer to meet in Scotland with trade and Gaza on agenda
Find out what's new on ST website and app. Mr Starmer (right) had hoped to negotiate a drop in US steel and aluminium tariffs as part of the talks. EDINBURGH/TURNBERRY, Scotland - US President Donald Trump will host British Prime Minister Keir Starmer at his golf resort in western Scotland on July 28 for talks ranging from their recent bilateral trade deal to the worsening hunger crisis in Gaza, the two governments said. Mr Trump, riding high after announcing a huge trade agreement with the European Union late on July 27, said he expected Mr Starmer would also be pleased. 'The prime minister of the UK, while he's not involved in this, will be very happy because you know, there's a certain unity that's been brought there, too,' Mr Trump said. 'He's going to be very happy to see what we did.' UK wants to discuss steel tariffs Mr Starmer had hoped to negotiate a drop in US steel and aluminium tariffs as part of the talks, but Mr Trump on July 28 ruled out any changes in the 50 per cent steel and aluminium duties for the EU, and has said the trade deal with Britain is 'concluded'. British business and trade minister Jonathan Reynolds told the BBC the talks with Mr Trump offered Britain a good chance to advance its arguments, but he did not expect announcements on the issue on July 28. Mr Trump and Mr Starmer were expected to meet at noon local time at Mr Trump's luxury golf resort in Turnberry, on Scotland's west coast, before travelling on together later to a second sprawling estate owned by Mr Trump in the east, near Aberdeen. Hundreds of police officers were guarding the perimeter of the Turnberry course and the beach that flanks it, with a helicopter hovering overhead, although there was no sign of protesters outside the course. Top stories Swipe. Select. Stay informed. Singapore Tanjong Katong sinkhole backfilled; road to be repaved after LTA tests Asia Gunman kills 5 security guards near Bangkok's Chatuchak market before taking own life Singapore HPB looking for vaping, smoking counselling services for up to 175 secondary school students Asia Cambodia says immediate ceasefire is purpose of talks; Thailand questions its sincerity Singapore Jail for former pre-school teacher who tripped toddler repeatedly, causing child to bleed from nose Singapore Police statements by doctor in fake vaccine case involving Iris Koh allowed in court: Judge Singapore Woman allegedly linked to case involving pre-schooler's sexual assault given stern warning Singapore Singapore lion dance troupe retains title at Genting World championship Mr Starmer was arriving from Switzerland, where England on July 27 won the women's European soccer championship final. Casting a shadow over their visit has been the deepening crisis in the war-torn Gaza enclave, where images of starving Palestinians have alarmed the world. British cabinet recalled Mr Starmer has recalled his ministers from their summer recess for a cabinet meeting, a government source said on July 28, most likely to discuss the situation in Gaza as pressure grows at home and abroad to recognise a Palestinian state. On July 25, he said Britain would recognise a Palestinian state only as part of a negotiated peace deal, disappointing many in his Labour Party who want him to follow France in taking swifter action. Mr Trump on July 25 dismissed French President Emmanuel Macron's plan to recognise a Palestinian state , an intention that also drew strong condemnation from Israel, after similar moves from Spain, Norway and Ireland in 2024. Mr Trump said that while the US would increase its aid to Gaza, it wanted others to join the effort. Ukraine was also on the agenda for talks with Mr Starmer. Dozens of Gazans have died of malnutrition in recent weeks , according to the Health Ministry in the Hamas-run enclave, with aid groups warning of mass hunger. The war began on Oct 7, 2023, when Hamas-led fighters stormed southern Israel, killing 1,200 people, mostly civilians, and taking 251 hostages back to Gaza, according to Israeli tallies. Since then, Israel's offensive has killed nearly 60,000 people in Gaza, mostly civilians, according to Gaza health officials. It has reduced much of the enclave to ruins and displaced nearly the entire population of over 2 million. REUTERS
Straits Times
2 hours ago
- Straits Times
German army prepares to develop deep-strike drones, Handelsblatt reports
Find out what's new on ST website and app. BERLIN - The German armed forces are preparing to develop long-range combat drones capable of striking targets deep in enemy territory, the Handelsblatt newspaper reported on Monday. Three consortia are working on concrete concepts after the Luftwaffe airforce sent a request for deep-strike drones to leading defence companies and startups, the report said. According to the report, Airbus Defence is contributing to the project alongside U.S. startup Kratos, while Germany's Rheinmetall has teamed up with drone specialist Anduril. Munich-based startup Helsing is also involved, the report said. The German defence ministry confirmed preparations for such a project to Handelsblatt, saying that initial talks had taken place but that no formal tender had been issued. The ministry and the companies mentioned did not respond to emailed requests for comment from Reuters. REUTERS
CNA
2 hours ago
- CNA
CK Hutchison eyes 'major' Chinese investor for Panama ports deal
HONG KONG: Hong Kong conglomerate CK Hutchison said Monday (Jul 28) it was considering inviting a Chinese "major strategic investor" to join a United States-led consortium negotiating the sale of its global ports business outside China, including operations at the Panama Canal. The firm said in March it was offloading the ports - including operations in the vital Central American waterway - to a group led by asset manager BlackRock for US$19 billion in cash. The consortium was to include BlackRock subsidiary Global Infrastructure Partners and Terminal Investment Limited, a subsidiary of the Mediterranean Shipping Company. A Hutchison subsidiary has operated ports at both ends of the Panama Canal since 1997. The sale was seen as a political victory for US President Donald Trump, who had vowed to "take back" the Panama Canal from alleged Chinese control, prompting Beijing's ire. China's market regulator said in March it was reviewing the deal. In May, Hutchison co-managing director, Dominic Lai told shareholders that Terminal Investment was the main investor. Its parent company is led by Italian shipping scion Diego Aponte. Aponte's family reportedly has a longstanding relationship with the owner of CK Hutchison Li Ka-shing, who is also Hong Kong's richest man. "(CK Hutchison) remains in discussions with members of the consortium with a view to inviting (a) major strategic investor from (China) to join as a significant member of the consortium," CK Hutchison said in a stock exchange filing Monday. The firm added that changes to the consortium's membership and deal structure will be needed for the deal "to be capable of being approved by all relevant authorities". It said the "period for exclusive negotiations" mentioned in the March announcement had expired, but discussions will continue. It did not name the major investor. The deadline for their exclusive negotiation period ended on Jul 27. China's biggest shipping company Cosco was set to join the consortium and was requesting veto rights or equivalent powers, Bloomberg News reported. Bloomberg Intelligence analyst Denise Wong told the outlet that "ongoing negotiations and the reported inclusion of Cosco Shipping in the consortium have likely eased concerns over Chinese regulatory hurdles, strengthening investor confidence in the deal's viability". Gary Ng, senior economist for Asia Pacific at Natixis, said Monday's developments show that "business deals can be increasingly subject to politics in the new economic and geopolitical reality" as the Hong Kong conglomerate seeks to "keep everyone happy". CK Hutchison said it "intends to allow such time as is required for such discussions to achieve" a workable arrangement. It said it had stated on several occasions that it "will not proceed with any transaction that does not have the approval of all relevant authorities". The initial deal, valued at nearly US$23 billion including US$5 billion in debt, would have given the consortium control over 43 ports in 23 countries, including the ports of Balboa and Cristobal, located at either end of the canal. That agreement also required approval from Panama's government. Its Hong Kong-listed shares fell 0.6 per cent Monday, while Cosco dropped 2.2 per cent.
