But that's exactly what happened - because if their email server was connected to the internet it meant any bad guy could hit it. Some banks, big corporations and defense companies run a hybrid system, using the cloud for a lot of their day-to-day operations but maintaining servers in-house to store proprietary information they'd prefer to control.Ĭompanies running their own Exchange servers tend to be small and medium-size firms, places with small IT departments that, until recently, didn't spend much time worrying about being targeted in a cyberattack. These days most companies run Exchange in the cloud so Microsoft takes care of data security. "It was like a conversation in which the receiving server was saying, 'Oh, you're the Exchange server, you're a trusted entity, you're allowed to do this,' " Adair said, "and basically it doesn't check that this is a completely unauthenticated request."Īs soon as Adair saw that, he reached out to Microsoft. "The hair is almost rising on my arms right now when I think about it," he says. Steven Adair, the founder of a Virginia-based cybersecurity company called Volexity, was the first to discover the Microsoft Exchange hack in the wild. "We don't know what the Chinese are building, but what we do know is that diversity of data, quality of data aggregation, accumulation of data is going to be critical to its success." "There is a long-term project underway," said Kiersten Todt, who was the executive director of the Obama administration's bipartisan commission on cybersecurity and now runs the Cyber Readiness Institute.
The Beijing leadership aims to lead the world in a technology that allows computers to perform tasks that traditionally required human intelligence - such as finding patterns and recognizing speech or faces. Officials believe that the breach was in the service of something bigger: China's artificial intelligence ambitions. intelligence officials - found that stealing emails and intellectual property may only have been the beginning.
NPR's months-long examination of the attack - based on interviews with dozens of players from company officials to cyber forensics experts to U.S. They hit mom-and-pop shops, dentist offices, school districts, local governments - all in a brazen attempt to vacuum up information.īoth the White House and Microsoft have said unequivocally that Chinese government-backed hackers are to blame. Then they went wild and launched a second wave of attacks to sweep Exchange data from tens of thousands of unsuspecting victims. For nearly three months, intruders helped themselves to everything from emails to calendars to contacts.
#Microsoft data breach 2021 software#
What Adair discovered was a massive hack into Microsoft Exchange - one of the most popular email software programs in the world. "This feeling of like, oh, crap this is not what should be going on." "The hair is almost rising on my arms right now when I think about it," Adair told NPR later. He followed all this requested information to a virtual server off-site.
There were requests for access to specific email accounts, requests for confidential files. So he took a quick look at a server his client was using to run Microsoft Exchange and was stunned to "see requests that we're not expecting," he said. Back in January, in a corner-of-his-eye, peripheral kind of way, he thought he saw one in his customer's networks - a shadowy presence downloading emails.Īdair is the founder of a cybersecurity company called Volexity, and he runs traps to corner intruders all the time. Now they believe China vacuumed up reams of information in a bid to develop better artificial intelligence, or AI. When investigators discovered the hack on Microsoft Exchange servers in January, they thought it was about stealing emails.
0 kommentar(er)
