European Banking Authority Attacked

Uploaded on 2021-03-13 in TECHNOLOGY--Hackers, FREE TO VIEW, BUSINESS-Services-Financial

The European Banking Authority (EBA) has taken all it’s email systems offline as i its Microsoft Exchange Servers have been hacked by what might be a Chinese state-backed hacking group. 

The EBA isn’t the only organisation under attack, as there is a lot of hacking groups across the world exploiting vulnerabilities to Microsoft's unpatched servers. The Agency has swiftly launched a full investigation, in close co-operation with its ICT provider, a team of forensic experts and other relevant entities.

Microsoft has recently issued emergency patches, but these do not fix systems that have already been attacked. Many of the victims appear to be small or medium-sized businesses although larger groups like the EBA have also been hit.  

The EBA says that access to personal data through emails held on MS Exchange servers may have been obtained by the attacker. It is currently scrambling to identify what, if any, data was accessed.  "The Agency has launched a full investigation, in close cooperation with its ICT provider, a team of forensic experts and other relevant entities," it states. 

"Where appropriate, the EBA will provide information on measures that data subjects might take to mitigate possible adverse effects. As a precautionary measure, the EBA has decided to take its email systems offline."

The EBA claims to be working to identify what, if any, data was accessed. Where appropriate, the EBA will provide information on measures that data subjects might take to mitigate possible adverse effects. In an update on the evolving situation, Microsoft says: "In the attacks observed, the threat actor used these vulnerabilities to access on-premises Exchange servers which enabled access to email accounts, and allowed installation of additional malware to facilitate long-term access to victim environments."

Microsoft has attributed the attack to Hafnium, a state-sponsored hacking group operating out of China. The attack, which Microsoft has said started with a Chinese government-backed hacking group, has so far claimed at least 60,000 known victims globally, according to a former senior US official with knowledge of the investigation. 
Many of them appear to be small or medium-sized businesses although larger groups like the EBA have also been hit.  

EBA:       Finextra:      Telegraph:     EUReporter:   Daily Maverick:       Silicon:    

You Might Also Read: 

New Zealand Central Bank Cyber Attack:

 

« Hacker Forums Hacked
British Cyber Security Spending Is Rising »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Exclusive Networks

Exclusive Networks

Exclusive Networks accelerate market entry and growth for innovative cybersecurity, networking and infrastructure technologies.

CionSystems

CionSystems

CionSystems provides identity, access and authentication solutions to improve security and streamline IT infrastructure management.

Inspired eLearning

Inspired eLearning

Inspired eLearning deliver solutions that help clients nurture and enhance workforce skills, protect themselves against cyberattacks and regulatory violations.

APERIO

APERIO

APERIO, the global leader in industrial data integrity, helps its customers drive profitability and sustainability while mitigating risk in their industrial operations.

Jerusalem Venture Partners (JVP)

Jerusalem Venture Partners (JVP)

JVP’s Center of Excellence in Be’er Sheva aims to identify, nurture and build the next wave of cyber security and big data companies to emerge out of Israel.

Seavus Accelerator

Seavus Accelerator

Seavus Accelerator's goal is to create an enabling and stimulating environment for start-ups growth and provide continuous high quality acceleration and investment support.

Port53 Technologies

Port53 Technologies

Port53 Technologies is focused on delivering enterprise-grade, cloud-delivered security solutions that are easy to deploy, simple to manage and extremely effective.

BlackRidge Technology

BlackRidge Technology

BlackRidge Technology develops, markets and supports a family of products that provide a next generation cyber security solution for protecting enterprise networks and cloud services.

HORNE

HORNE

HORNE is a professional services firm supporting clients in public, private & government sectors nationwide.

GrayMatter

GrayMatter

GrayMatter provides Advanced Industrial Analytics, OT Cybersecurity, Digital Transformation and Automation & Control services to clients across the U.S. and Canada.

Certo Software

Certo Software

Certo are trusted experts in mobile security. At Certo, mobile security is not an afterthought, it’s what we do.

CYMAR

CYMAR

CYMAR The “CYBER” Smart Solution to offer sustainability and bring resilience to Global SMART Terminals and protect the supply chain of the World’s economy.

TrueBees

TrueBees

TrueBees is the first deepfakes detector able to detect AI-generated portraits shared on social media and to prevent their diffusion across the web.

Sprocket Security

Sprocket Security

Sprocket Security protects your business by monitoring the cybersecurity landscape and performing continuous penetration testing services.

Vantyr

Vantyr

Vantyr's core mission is to safeguard the business-led adoption of SaaS applications by automating the lifecycle management and security of non-human identities.

GrayHats

GrayHats

GrayHats is a platform-based cybersecurity company devoted to delivering comprehensive, scalable, and proactive protection for businesses in an ever-evolving threat landscape.