At the end of last week, after summing up the results of cyber attacks on Microsoft products, such as Exchange Server and message services, crisis managers in the field of information security sounded the alarm because of a continuous system of hacks, which covered not tens, but tens of thousands of objects.

 

 

The global level of such a cyberattack, according to security experts, is primarily due to the obvious progressive automation of the infection process and the exploitation of vulnerabilities.

 

In addition, not only large corporate networks were attacked, but also medium-sized and even small companies; there is also an assumption that the vulnerabilities discovered by various hacker groups were spread within a limited circle of cybercriminals, which made it possible to unify processes and reach a qualitatively new level of action – when, according to researchers, more than 60,000 entry points were compromised in a few days…

The strategy of actions is approximately the same-throwing specific software, which then provides penetration, then-a natural increase in privileges in the system to be able not only to access, but also to send data from the servers of the victims.

 

According to Microsoft, the beginning of these attacks was laid by the forces of a hacker group from China with the support of the country’s government.

 

However, security patches for Exchange Server were urgently released, with a recommendation for an immediate update.

 

In general, at this time, a large number of different government agencies in the United States are dealing with this problem, up to the National Security Agency: according to printed publications of government authorities, work is underway to survey companies, track and analyze the mechanisms of infection of corporate networks and attack algorithms, according to the vectors of which multi-level reserved access to company servers is made.

 

So, in just a few days, employees of about fifty companies were interviewed as part of the investigation of complex incidents to understand the basics and direction of the attackers ‘ actions.

 

The factors that contributed to such a rapid march of break-ins were identified. In particular, this is the need for timely updates, which significantly complicate the attack procedure, and the possible automation by cybercriminals of infection and gaining access both to company networks and through vulnerable software-to corporate email.

Leave a Reply

Your email address will not be published. Required fields are marked *

GPD Host Contacts
GPD Host Social
Pay with Confidence

Copyright © 2015 - 2020 GPD Host All right reserved.