We're now living in the era of the mega-hack. More than ever, software flaws are being seized on by sophisticated hackers who take these bugs - and use them to create attacks that compromise the computer systems of thousands of organisations, all at once.
Newly discovered vulnerabilities in Microsoft's Exchange Server provide a good example of this evolution. The flaws were seized on by (likely China-backed) hackers as a way to attack networks, with tens of thousands of systems apparently compromised in a widespread attack. At least 10 other groups are thought to be attempting to use the same exploits, and now cyber criminals are piggy-backing on the original attack in an attempt to deliver ransomware too.
Bugs exists wherever there is software, despite attempts to eradicate them. What we're seeing now is an growing ability and desire from hackers to turn these bugs into attacks. Increasingly, the same software applications and tools are being used by companies around the world. Some may not even be aware of the software code they are relying on, such is the interconnected world of tech products. And even if they do know the software they are using, too many companies fail to update it even when warned about vulnerabilities by software vendors.
Hacking groups have different motivations: state-backed hackers want to gain access to as many systems as possible before deciding which have strategic value (either a source of intelligence or as a stepping-stone to compromising other systems); cyber criminals want to break in ..
Support the originator by clicking the read the rest link below.
