Jonathan Raa | Nurphoto | Getty Images
A sweeping cyber-espionage campaign organization centered on vulnerable versions ofMicrosoft’s server software has now claimed about 400 victims, according to researchers atNetherlands-based Eye Security.
The figure, which is derived from a count of digital artifacts discovered during scans of servers running vulnerable versions ofMicrosoft’s SharePoint software, compares to 100 organizations cataloged over the weekend. Eye Security says the figure is likely an undercount.
“There are many more, because not all attack vectors have left artifacts that we could scan for,” saidVaisha Bernard, the chief hacker for Eye Security, which was among the first organizations to flag the breaches.
The details of most of the victim organizations have not yet been fully disclosed, but on Wednesday a representative for theNational Institutes of Healthconfirmed that one of the organization’s servers had been compromised.
“Additional servers were isolated as a precaution,” he said. The news of the compromise was first reported by theWashington Post.
The spy campaign kicked off afterMicrosoftfailed to fully patch a security hole in its SharePoint server software, kicking off a scramble to fix the vulnerability when it was discovered.Microsoftand its tech rival, Google owner Alphabet, have both said Chinese hackers are among those taking advantage of the flaw.Beijinghas denied the claim.
About The Author
