Thousands of US companies have been compromised due to a back door that was installed via recently patched flaws in Microsoft Corp's email software, a person familiar with the US government's response said on Friday. The hack took place earlier this week and since then the hackers have been on a tear across more than 20,000 organizations across the United States and Europe.
According to reports, the massive hack has reached more places than the total codes downloaded from SolarWinds Corporation, which was also victim of a major hack in December. Records also show several organizations across Asia were compromised.
Macrosoft issued an emergency patch on Tuesday but that hasn't helped much as the hacks are continuing at an alarming pace. The massive hack this time has created channels for remote access spread among credit unions, town governments and small businesses, initial investigations suggest.
According to experts, if the problem isn't fixed immediately, then it's just a matter of time before the hackers start cloning the break-in tools, which may further complicate the already problem for those who use Microsoft's Exchange email and calendaring software.
Microsoft has initially said that the hack was not of a large scale and consisted of "limited and targeted attacks." However, it's lot bigger than it was earlier thought to be. The company is now working closely with government agencies to help customers. Microsoft on Friday also said that "impacted customers should contact our support teams for additional help and resources."
The problem is being faced by customers who lately installed the patches. One scan of connected devices showed 10% of those vulnerable had installed the patches by Friday but the number fast rising.
Government agencies are not scrambling to figure out how to notify the users and guide them toward safety given that installing the patch does not guarantee of getting rid of the back doors. Majority of those affected.
That said, most of those who have been a victim of this, use web versions of email client Outlook and host them on their own machines, instead of relying on cloud providers. This may at the same time may have saved several major federal agencies and companies.
The White House too on Friday raised alarm on this major flaw. White House press secretary Jen Psaki said that the vulnerabilities found in Microsoft's widely used Exchange servers were "significant," and "could have far-reaching impacts."
Although both Microsoft initially put the blame on a Chinese government-backed actor, Beijing has denied the allegation. More attacks are expected from other hackers as the code used to take control of the mail servers spreads. "A couple hundred guys are exploiting them as fast as they can," stealing data and installing other ways to return later, a government official said.