European Banking Authority Attacked

Uploaded on 2021-03-13 in TECHNOLOGY--Hackers, FREE TO VIEW, BUSINESS-Services-Financial

The European Banking Authority (EBA) has taken all it’s email systems offline as i its Microsoft Exchange Servers have been hacked by what might be a Chinese state-backed hacking group. 

The EBA isn’t the only organisation under attack, as there is a lot of hacking groups across the world exploiting vulnerabilities to Microsoft's unpatched servers. The Agency has swiftly launched a full investigation, in close co-operation with its ICT provider, a team of forensic experts and other relevant entities.

Microsoft has recently issued emergency patches, but these do not fix systems that have already been attacked. Many of the victims appear to be small or medium-sized businesses although larger groups like the EBA have also been hit.  

The EBA says that access to personal data through emails held on MS Exchange servers may have been obtained by the attacker. It is currently scrambling to identify what, if any, data was accessed.  "The Agency has launched a full investigation, in close cooperation with its ICT provider, a team of forensic experts and other relevant entities," it states. 

"Where appropriate, the EBA will provide information on measures that data subjects might take to mitigate possible adverse effects. As a precautionary measure, the EBA has decided to take its email systems offline."

The EBA claims to be working to identify what, if any, data was accessed. Where appropriate, the EBA will provide information on measures that data subjects might take to mitigate possible adverse effects. In an update on the evolving situation, Microsoft says: "In the attacks observed, the threat actor used these vulnerabilities to access on-premises Exchange servers which enabled access to email accounts, and allowed installation of additional malware to facilitate long-term access to victim environments."

Microsoft has attributed the attack to Hafnium, a state-sponsored hacking group operating out of China. The attack, which Microsoft has said started with a Chinese government-backed hacking group, has so far claimed at least 60,000 known victims globally, according to a former senior US official with knowledge of the investigation. 
Many of them appear to be small or medium-sized businesses although larger groups like the EBA have also been hit.  

EBA:       Finextra:      Telegraph:     EUReporter:   Daily Maverick:       Silicon:    

You Might Also Read: 

New Zealand Central Bank Cyber Attack:

 

« Hacker Forums Hacked
British Cyber Security Spending Is Rising »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Cloud Security Alliance (CSA)

Cloud Security Alliance (CSA)

The CSA is a not-for-profit organization with a mission to promote the use of best practices for providing security assurance within Cloud Computing

CyberSmart

CyberSmart

CyberSmart is a platform that allows you to maintain compliance, achieve certification and secure your organisation.

Gemserv

Gemserv

Gemserv is a specialist market design, governance and assurance services consultancy.

Hornetsecurity

Hornetsecurity

Meet Hornetsecurity – Leading Cloud Email Security Provider. We protect global organizations so you can focus on what you do best.

StormWall

StormWall

StormWall is an Anti-DDoS protection service for websites and networks. We offer 100% protection from all types of DDoS attacks and 24/7 technical support.

Fyde

Fyde

Fyde helps companies with an increasingly distributed workforce mitigate breach risk by enabling secure access to critical enterprise resources.

Nova Leah

Nova Leah

Nova Leah helps connected medical device manufacturers meet cybersecurity compliance requirements throughout the entire product lifecycle.

Bolster

Bolster

Bolster (formerly RedMarlin) is an AI-based cyber-security platform designed to detect phishing and fraudulent sites in real-time.

Predatech

Predatech

A cyber security consultancy offering a range of services, including CREST accredited penetration testing, vulnerability assessments and certifications incl. Cyber Essentials & Cyber Essentials Plus.

Crosspoint Capital Partners

Crosspoint Capital Partners

Crosspoint Capital Partners is a private equity investment firm focused on the cybersecurity and privacy sectors.

Dataprise

Dataprise

Dataprise is a leading IT managed services provider offering IT Management and Help Desk Support Services, Cloud Services, Information Security Solution, IT Strategy and Consulting.

RegScale

RegScale

RegScale helps organizations comply in real-time with multiple compliance requirements (NIST, CMMC, ISO, SOX, etc), scalable to meet the needs of the entire enterprise.

Policy Monitor

Policy Monitor

Policy Monitor is a cyber security company founded by experts with extensive experience in operational and risk management.

Apollo Secure

Apollo Secure

Apollo is an automated cybersecurity platform for startups and small businesses to achieve and maintain security compliance.

Triskele Labs

Triskele Labs

Triskele Labs deliver services including Penetration Testing, Compliance and Risk Management through to 24*7*365 Security Operations and outsourced Cybersecurity Managers.

Centum Digital

Centum Digital

Centum Digital provide services, products and solutions specialized in communications engineering, control and signal intelligence.