Microsoft says hackers tied to the Chinese government, Linen Typhoon and Violet Typhoon, are among the groups that have exploited the hack. It adds that another Chinese group, Storm-2603, used the hack to deploy ransomware in enterprises.
Researchers say much of the damage could have been avoided if Microsoft properly patched the security hole quickly and followed up to help companies banish hackers that still had access to SharePoint. The hack is particularly dangerous, because it combines two security exploits — one that allows hackers to get into SharePoint and another that allows them to steal and use SharePoint server ASP.NET machine keys.
Sunil Varkey, an advisor at Beagle Security, blames Microsoft for missing that several security vulnerabilities were related, which made the attack much worse. He told CSO Online: “In cybersecurity, a single vulnerability can pose a significant risk, but when vulnerabilities are combined, the consequences can be catastrophic. This wasn’t just a technical miss. It was a strategic failure to recognize how the individual parts combined to form something far more dangerous.”
This story originally appeared on Computerworld
