Axios
30,000 U.S. organizations hacked by espionage unit linked to Chinese government
At least 30,000 U.S. victims — including small businesses and local governments — have been hacked by a cyber espionage unit backed by the Chinese government, Krebs on Security reports.What’s happening: Hackers focused on stealing emails from victim organizations by exploiting flaws in the Microsoft Exchange Server, widely used by large companies and organizations.Get market news worthy of your time with Axios Markets. Subscribe for free.Context: Since January, Chinese-backed hackers have used four flaws in Microsoft’s software to gain control of the email servers of organizations around the world.Microsoft released emergency security updates for the software on March 2, but the Chinese group has quickly increased attacks on unpatched Exchange servers since the release of the update.Among the U.S. victims are “banks, credit unions, non-profits, telecommunications providers, public utilities and police, fire and rescue units,” according to Krebs on Security, which reviewed a list of victims.The big picture: The attack follows the major SolarWinds breach by Russian-backed hackers that became public in December 2020 and will likely compound pressure on the government and private sector to strengthen cybersecurity measures.The new breach is unrelated to SolarWinds, but it also “may well end up far eclipsing the damage done by the SolarWinds intruder,” according to Krebs.What they’re…
