European Banking Authority Attacked

Uploaded on 2021-03-13 in TECHNOLOGY--Hackers, FREE TO VIEW, BUSINESS-Services-Financial

The European Banking Authority (EBA) has taken all it’s email systems offline as i its Microsoft Exchange Servers have been hacked by what might be a Chinese state-backed hacking group. 

The EBA isn’t the only organisation under attack, as there is a lot of hacking groups across the world exploiting vulnerabilities to Microsoft's unpatched servers. The Agency has swiftly launched a full investigation, in close co-operation with its ICT provider, a team of forensic experts and other relevant entities.

Microsoft has recently issued emergency patches, but these do not fix systems that have already been attacked. Many of the victims appear to be small or medium-sized businesses although larger groups like the EBA have also been hit.  

The EBA says that access to personal data through emails held on MS Exchange servers may have been obtained by the attacker. It is currently scrambling to identify what, if any, data was accessed.  "The Agency has launched a full investigation, in close cooperation with its ICT provider, a team of forensic experts and other relevant entities," it states. 

"Where appropriate, the EBA will provide information on measures that data subjects might take to mitigate possible adverse effects. As a precautionary measure, the EBA has decided to take its email systems offline."

The EBA claims to be working to identify what, if any, data was accessed. Where appropriate, the EBA will provide information on measures that data subjects might take to mitigate possible adverse effects. In an update on the evolving situation, Microsoft says: "In the attacks observed, the threat actor used these vulnerabilities to access on-premises Exchange servers which enabled access to email accounts, and allowed installation of additional malware to facilitate long-term access to victim environments."

Microsoft has attributed the attack to Hafnium, a state-sponsored hacking group operating out of China. The attack, which Microsoft has said started with a Chinese government-backed hacking group, has so far claimed at least 60,000 known victims globally, according to a former senior US official with knowledge of the investigation. 
Many of them appear to be small or medium-sized businesses although larger groups like the EBA have also been hit.  

EBA:       Finextra:      Telegraph:     EUReporter:   Daily Maverick:       Silicon:    

You Might Also Read: 

New Zealand Central Bank Cyber Attack:

 

« Hacker Forums Hacked
British Cyber Security Spending Is Rising »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Endian

Endian

Endian’s mission is to provide a secure platform that connects distributed people and things, simplifying the digitalization of businesses.

CyberArts

CyberArts

CyberArts is founded on the belief that every single organization deserves and requires the creme de la creme when there is a need for Cyber services.

H-ON Consulting

H-ON Consulting

H-ON Consulting develops and applies robust cyber security procedures enabling control systems to be secure.

OISTE Foundation

OISTE Foundation

OISTE foundation allows users to control their digital identities using well-understood and secure algorithms that ensure the continued validity of an identity and its claims.

Cybots

Cybots

Cybots is a multinational cyber defence brand founded in Singapore in 2018 to help organizations stay ahead of increasingly sophisticated threats from cyber criminals.

Seadot Cybersecurity

Seadot Cybersecurity

Seadot offer cybersecurity services to organizations with a high demand for regulatory compliance and security.

Mobileum

Mobileum

Mobileum is a leading provider of Telecom analytics for roaming, security and risk management and end-to-end domestic and roaming testing solutions.

Hyperproof

Hyperproof

Hyperproof is a cloud-based compliance operations software. Launch new programs immediately, collect evidence automatically, and manage a compliance program intelligently.

Nisos

Nisos

Nisos provides unrivaled protection of your reputation and assets through the practice of Active Defense.

Dataships

Dataships

We help companies automate their privacy compliance while building healthy, transparent data relationships with their customers.

HackNotice

HackNotice

HackNotice Teams is an all-in-one encompassing tool that monitors threats within your organization, different vendors, and third parties whose services you use.

Rimini Street

Rimini Street

Rimini Street is a global provider of enterprise software support products and services, and the leading third-party support provider for Oracle and SAP software products.

Beyon Cyber

Beyon Cyber

Beyon Cyber offer a complete portfolio of advanced solutions & services for cyber security in Bahrain.

Techtron Business IT Services

Techtron Business IT Services

TECHTRON has been providing business IT services since 2004. Our focus is on SMBs and we are good at it. Our customers trust us, they love our high levels of service, and they love what we stand for.

Invisinet Technologies

Invisinet Technologies

Invisinet is a cybersecurity technology company specializing in innovative solutions that protect network infrastructure and critical assets from advanced threats.

Security4Media

Security4Media

Security4Media is a non-profit association set up to reduce risks and support trust in media, in the face of increasing cybersecurity threat levels.