Cyber-espionage group Hafnium has exploited Microsoft’s widely used email and calendar Exchange server, breaching more than 30,000 commercial and local government entities in the US.
Criminals took advantage of disclosed flaws in the Exchange platform, a report by KrebsOnSecurity said.
They also tried to remotely take control of email servers of hundreds of thousands of other organisations globally, it said.
Microsoft disclosed four vulnerabilities in its Exchange server in a blog last week.
The gaps let hackers have access to email accounts and install malicious codes on their servers.
The company accused Hafnium, which operates from China, of plotting attacks against Exchange users.
Microsoft issued emergency patches and called on customers to install them.
The company has said the attacks are limited only to business customers and do not affect individual users.
Lotem Finkelsteen, director of threat intelligence at American-Israeli software company Check Point, said the Microsoft attack “is relevant to all businesses using Outlook but not to individual consumers … it is a server issue that the cyber attackers exploited".
Tom Burt, Microsoft’s corporate vice president of customer security and trust, said Exchange was mainly used by business customers.
Mr Burt said there was "no evidence that Hafnium’s activities targeted individual consumers or that these exploits impact other Microsoft products".
Hafnium is a “highly skilled” and “sophisticated" group that steals information from various sectors, including medical researchers, law firms, education institutions, defence, think tanks and NGOs, Microsoft said.
“While Hafnium is based in China, it conducts its operations primarily from leased virtual private servers in the US,” it said.
Microsoft's UAE office referred The National to its blog and declined to comment further.
The US government is assessing the effect, a White House official said on Saturday.
"This is an active threat, still developing, and we urge network operators to take it very seriously," the official said.
China's Foreign Ministry said it “firmly opposes and combats cyber attacks and cyber theft in all forms”.
It said that accusing a particular nation is a “highly sensitive political issue”.
Vulnerabilities found in Exchange servers were “significant” and “could have far-reaching impacts”, said Jen Psaki, the White House press secretary.
“We are concerned that there are a large number of victims,” Ms Psaki said.
The increase in cyber threats has led to a surge in spending on cyber security, which is forecast to rise about 125 per cent to $363.05 billion by 2025 from 2019, research consultancy Mordor Intelligence said.
Industry experts said Exchange exploits were not limited to the US and could affect entities in other parts of the world.
The flaws are "quite severe even if we don't know the full scope of those attacks", Satnam Narang, staff research engineer at cyber-security company Tenable in Maryland, told The National.
“While Microsoft says that Hafnium primarily targets entities within the US, other researchers say they've seen these vulnerabilities being exploited by different threat actors targeting other regions,” Mr Narang said.
Cyber-security company FireEye has identified affected victims in the US including retailers, local governments, a university and an engineering company.
A South-East Asian government and a central Asian telecoms company were also hit.
“In addition to patching as soon as possible, we recommend organisations review their systems for evidence of exploitation that may have occurred prior to the deployment of the patches,” said Charles Carmakal, senior vice president and chief technology officer of FireEye.
Microsoft has said the recent wave of breaches are "in no way connected" to last year's SolarWinds attacks by Russian hackers, which compromised nine US federal agencies and almost 100 businesses.
"State-sponsored hacking groups are exploiting critical Exchange bugs that Microsoft has already patched last week," Avinash Advani, founder and chief executive of Dubai cyber-security company CyberKnight, told The National.
"The disclosure will attract other threat actors looking to compromise unpatched servers.”
65
%3Cp%3E%3Cstrong%3EDirectors%3A%20%3C%2Fstrong%3EScott%20Beck%2C%20Bryan%20Woods%3C%2Fp%3E%0A%3Cp%3E%3Cstrong%3EStars%3A%20%3C%2Fstrong%3EAdam%20Driver%2C%20Ariana%20Greenblatt%2C%20Chloe%20Coleman%3C%2Fp%3E%0A%3Cp%3E%3Cstrong%3ERating%3A%20%3C%2Fstrong%3E2%2F5%3C%2Fp%3E%0A
COMPANY%20PROFILE
%3Cp%3E%3Cstrong%3ECompany%20name%3A%3C%2Fstrong%3E%20Klipit%3C%2Fp%3E%0A%3Cp%3E%3Cstrong%3EStarted%3A%3C%2Fstrong%3E%202022%3C%2Fp%3E%0A%3Cp%3E%3Cstrong%3EFounders%3A%3C%2Fstrong%3E%20Venkat%20Reddy%2C%20Mohammed%20Al%20Bulooki%2C%20Bilal%20Merchant%2C%20Asif%20Ahmed%2C%20Ovais%20Merchant%3C%2Fp%3E%0A%3Cp%3E%3Cstrong%3EBased%3A%3C%2Fstrong%3E%20Dubai%2C%20UAE%3C%2Fp%3E%0A%3Cp%3E%3Cstrong%3EIndustry%3A%3C%2Fstrong%3E%20Digital%20receipts%2C%20finance%2C%20blockchain%3C%2Fp%3E%0A%3Cp%3E%3Cstrong%3EFunding%3A%3C%2Fstrong%3E%20%244%20million%3C%2Fp%3E%0A%3Cp%3E%3Cstrong%3EInvestors%3A%3C%2Fstrong%3E%20Privately%2Fself-funded%3C%2Fp%3E%0A
HOW%20TO%20ACTIVATE%20THE%20GEMINI%20SHORTCUT%20ON%20CHROME%20CANARY
%3Cp%3E1.%20Go%20to%20%3Cstrong%3Echrome%3A%2F%2Fflags%3C%2Fstrong%3E%3C%2Fp%3E%0A%3Cp%3E2.%20Find%20and%20enable%20%3Cstrong%3EExpansion%20pack%20for%20the%20Site%20Search%20starter%20pack%3C%2Fstrong%3E%3C%2Fp%3E%0A%3Cp%3E3.%20Restart%20Chrome%20Canary%3C%2Fp%3E%0A%3Cp%3E4.%20Go%20to%20%3Cstrong%3Echrome%3A%2F%2Fsettings%2FsearchEngines%3C%2Fstrong%3E%20in%20the%20address%20bar%20and%20find%20the%20%3Cstrong%3EChat%20with%20Gemini%3C%2Fstrong%3E%20shortcut%20under%20%3Cstrong%3ESite%20Search%3C%2Fstrong%3E%3C%2Fp%3E%0A%3Cp%3E5.%20Open%20a%20new%20tab%20and%20type%20%40%20to%20see%20the%20Chat%20with%20Gemini%20shortcut%20along%20with%20other%20Omnibox%20shortcuts%20to%20search%20tabs%2C%20history%20and%20bookmarks%3C%2Fp%3E%0A
Real estate tokenisation project
Dubai launched the pilot phase of its real estate tokenisation project last month.
The initiative focuses on converting real estate assets into digital tokens recorded on blockchain technology and helps in streamlining the process of buying, selling and investing, the Dubai Land Department said.
Dubai’s real estate tokenisation market is projected to reach Dh60 billion ($16.33 billion) by 2033, representing 7 per cent of the emirate’s total property transactions, according to the DLD.
How to apply for a drone permit
- Individuals must register on UAE Drone app or website using their UAE Pass
- Add all their personal details, including name, nationality, passport number, Emiratis ID, email and phone number
- Upload the training certificate from a centre accredited by the GCAA
- Submit their request
What are the regulations?
- Fly it within visual line of sight
- Never over populated areas
- Ensure maximum flying height of 400 feet (122 metres) above ground level is not crossed
- Users must avoid flying over restricted areas listed on the UAE Drone app
- Only fly the drone during the day, and never at night
- Should have a live feed of the drone flight
- Drones must weigh 5 kg or less
Living in...
This article is part of a guide on where to live in the UAE. Our reporters will profile some of the country’s most desirable districts, provide an estimate of rental prices and introduce you to some of the residents who call each area home.
UAE currency: the story behind the money in your pockets
Generational responses to the pandemic
Devesh Mamtani from Century Financial believes the cash-hoarding tendency of each generation is influenced by what stage of the employment cycle they are in. He offers the following insights:
Baby boomers (those born before 1964): Owing to market uncertainty and the need to survive amid competition, many in this generation are looking for options to hoard more cash and increase their overall savings/investments towards risk-free assets.
Generation X (born between 1965 and 1980): Gen X is currently in its prime working years. With their personal and family finances taking a hit, Generation X is looking at multiple options, including taking out short-term loan facilities with competitive interest rates instead of dipping into their savings account.
Millennials (born between 1981 and 1996): This market situation is giving them a valuable lesson about investing early. Many millennials who had previously not saved or invested are looking to start doing so now.
