Article content
(Bloomberg) — Microsoft Corp.’s server software was exploited by unidentified hackers, with analysts warning of widespread cybersecurity breaches across the globe.
THIS CONTENT IS RESERVED FOR SUBSCRIBERS ONLY
Subscribe now to read the latest news in your city and across Canada.
- Exclusive articles from Barbara Shecter, Joe O’Connor, Gabriel Friedman, and others.
- Daily content from Financial Times, the world’s leading global business publication.
- Unlimited online access to read articles from Financial Post, National Post and 15 news sites across Canada with one account.
- National Post ePaper, an electronic replica of the print edition to view on any device, share and comment on.
- Daily puzzles, including the New York Times Crossword.
SUBSCRIBE TO UNLOCK MORE ARTICLES
Subscribe now to read the latest news in your city and across Canada.
- Exclusive articles from Barbara Shecter, Joe O’Connor, Gabriel Friedman and others.
- Daily content from Financial Times, the world’s leading global business publication.
- Unlimited online access to read articles from Financial Post, National Post and 15 news sites across Canada with one account.
- National Post ePaper, an electronic replica of the print edition to view on any device, share and comment on.
- Daily puzzles, including the New York Times Crossword.
REGISTER / SIGN IN TO UNLOCK MORE ARTICLES
Create an account or sign in to continue with your reading experience.
- Access articles from across Canada with one account.
- Share your thoughts and join the conversation in the comments.
- Enjoy additional articles per month.
- Get email updates from your favourite authors.
THIS ARTICLE IS FREE TO READ REGISTER TO UNLOCK.
Create an account or sign in to continue with your reading experience.
- Access articles from across Canada with one account
- Share your thoughts and join the conversation in the comments
- Enjoy additional articles per month
- Get email updates from your favourite authors
Sign In or Create an Account
or
Article content
The Redmond, Washington-based software maker said it had released a new security patch for customers to apply to their SharePoint servers “to mitigate active attacks targeting on-premises servers,” adding it was working to roll out others. The vulnerability allowed hackers to access file systems and internal configurations, as well as execute code, the US Cybersecurity and Infrastructure Security Agency said.
Article content
Article content
Article content
Cybersecurity firms cautioned that a broad section of organizations around the world could be affected by the breach. Silas Cutler, a researcher at Michigan-based cybersecurity firm Censys, estimated that more than 10,000 companies with SharePoint servers were at risk. The US had the largest number of those companies, followed by the Netherlands, the UK and Canada, he said.
Article content
By signing up you consent to receive the above newsletter from Postmedia Network Inc.
Article content
“It’s a dream for ransomware operators, and a lot of attackers are going to be working this weekend as well,” he added.
Article content
Palo Alto Networks Inc. warned that “these exploits are real, in-the-wild, and pose a serious threat.” Google Threat Intelligence Group said in an e-mailed statement it had observed hackers exploiting the vulnerability, adding it allows “persistent, unauthenticated access and presents a significant risk to affected organizations.”
Article content
“When they’re able to compromise the fortress that is SharePoint, everybody is kind of at their whim because that is one of the highest security protocols out there,” said Gene Yu, CEO of Singapore-based cyber incident response firm Blackpanda.
Article content
Article content
The Washington Post reported that the breach had affected US federal and state agencies, universities, energy companies and an Asian telecommunications company, citing state officials and private researchers.
Article content
Researchers at Eye Security were the first to identify the vulnerability, Cutler said. They reported an intrusion on Friday resembling one identified earlier in the week in a demo by researchers Code White GmbH, which reproduced vulnerabilities presented by others at the Pwn2Own hacking contest.
Article content
Eye Security said the vulnerability allows hackers to access SharePoint servers and steal keys that can let them impersonate users or services even after the server is patched. It said hackers can maintain access through backdoors or modified components that can survive updates and reboots of systems.
Article content
A Microsoft spokesperson declined to comment beyond the company’s statement.
Article content
Microsoft has faced a series of recent cyberattacks, warning in March that Chinese hackers were targeting remote management tools and cloud applications to spy on a range of companies and organizations in the US and abroad.
Article content
The Cyber Safety Review Board, a White House-mandated group designed to examine major cyberattacks, said last year that Microsoft’s security culture was “inadequate” following the 2023 hack of the company’s Exchange Online mailboxes. In that incident, hackers were able to breach 22 organizations and hundreds of individuals, including former US Commerce Secretary Gina Raimondo.
Article content
(Updates with details, quotes from the sixth paragraph.)
Article content
