The latest report from the Center for Media and Democracy (CMD) indicates that more than 500 million people were affected by the massive hack that occurred over the weekend. The attacks involved phishing, malware and spear phishing emails. The CMD, putting its estimate at $250 million, said the attacks were “easily the biggest attack to threaten online freedom of expression since the Snowden revelations of mass data theft and data breaches.”
On Monday, Microsoft posted this statement to its official blog to thank the public for their support following such a “complex incident” that caused the company to suspend services and “restore services immediately upon completion.”
At no time during the incidents did the company have access to our data or to any of our systems. The attackers used spear phishing (fake email attachments), phishing emails, ransomware, file stealing, hacking and other methods to try to gain access. Microsoft also cannot comment on the cause and manner of the incident.
But the most disturbing aspect of the CMD report is not that people lost their data, but that they also gained access and may be gaining new powers to do so again:
… the hackers are not just trying to steal data or steal information. The hackers are trying to gain access and use this access to attack another target, which could result in an attack against the targeted target, which are, in turn, further targets of the hackers’ attacks. Additionally, they are trying to gain access to our systems (including server systems, VPN gateways, email servers, databases, cloud services, etc.) and to other systems in order to further attack our systems, which could also result in further attacks targeting other targets.
The group that released the “Vault7” malware which allowed hackers to gain control of computers has been widely associated with cybercriminals:
Vault7, aka APT28, remains the most sophisticated intrusion device that has been found in the last decade, yet it had little to do with any of the hacks or cyber security incidents that have taken place since the dawn of modern cyberspace. In fact, the malware had little to do with the widespread breaches that plagued the financial sector in 2014 and which threatened large amounts of personal and financial data across several institutions. Instead, according to a report by the World Economic Forum, it served “as the vehicle to obtain highly sensitive data from customers from across the globe, including credit card information.” Many banks failed to protect their customers against its many methods.