Microsoft Corp. and U.S. government officials are still working to understand how a network of suspected Chinese hacking groups carried out an unusually indiscriminate and far-reaching cyberattack on Microsoft email software, more than a month after the discovery of an operation that rendered hundreds of thousands of small businesses, schools and other organizations vulnerable to intrusion.
A leading theory has emerged in recent weeks, according to people familiar with the matter: The suspected Chinese hackers mined troves of personal information acquired beforehand to carry out the attack.
Microsoft Exchange servers run Microsoft Outlook, which is used almost universally for e-mail in corporate America. Having access to that is having the keys to the kingdom at almost any company in the country and many abroad.
So where did they get all this personal information? The evidence indicates that it came from prior hacks:
Among the potential sources of the personal data is China’s vast archive of likely billions of personal records its hackers stole over the past decade. The hackers may have mined that to discover which email accounts they needed to use to break into their targets, according to people familiar with the matter.
Chinese hacking is starting to operate like a flywheel: hack target A, get information, use it to hack target B, get more information, then hit C.
The Biden administration provided some wise guidance to Microsoft:
Microsoft has pushed its customers to install security patches over the past month, releasing a blizzard of more than 25 patches that covered the wide array of Exchange versions. At the Biden administration task force’s urging, the company also simplified the updating process for customers, releasing a “one-click patch” option.
I can’t help but think that this level of sophistication would’ve eluded the Trump administration.
With China increasingly aggressive in numerous ways, this could be a big opportunity for American security companies to step up and provide better protection. I’ll definitely be on the look out for network security startups that look promising.
For more on technology, check out these posts:
- Unicorns Are Being Minted Faster Than Ever
- This Is How Startups Pitch Investors
- 7 Companies Had 3 Minutes Each to Pitch Us. This Is What Happened.
If you found this post interesting, please share it on Twitter/LinkedIn/email using the buttons below. This helps more people find the blog! And please leave a comment at the bottom of the page letting me know what you think and what other information you’re interested in!
Check out the Stuff I Use page for some great deals on products and services I use to improve my health and productivity. They just might help you too!