FireEye CEO: Reckless Microsoft hack unusual for China

By FRANK BAJAK and NATHAN ELLGREN
March 9, 2021

RESTON, Va. (AP) — Cyber sleuths have already blamed China for a hack that exposed tens of thousands of servers running Microsoft’s Exchange email program to potential hacks. The CEO of a prominent cybersecurity firm says it now seems clear China also unleashed an indiscriminate, automated second wave of hacking that opened the way for ransomware and other cyberattacks.

The second wave, which began Feb. 26, is highly uncharacteristic of Beijing’s elite cyber spies and far exceeds the norms of espionage, said Kevin Mandia of FireEye. In its massive scale it diverges radically from the highly targeted nature of the original hack, which was detected in January.

“You never want to see a modern nation like China that has an offense capability — that they usually control with discipline — suddenly hit potentially a hundred thousand systems,” Mandia said Tuesday in an interview with The Associated Press.

Mandia said his company assesses based on the forensics that two groups of Chinese state-backed hackers — in an explosion of automated seeding — installed backdoors known as “web shells” on an as-yet undetermined number of systems. Experts fear a large number could easily be exploited for second-stage infections of ransomware by criminals, who also use automation to identify and infect targets.

MORE

Microsoft offers software tools to secure elections







May 6, 2019

By FRANK BAJAK

Microsoft has announced an ambitious effort to make voting secure, verifiable and subject to reliable audits by registering ballots in encrypted form so they can be accurately and independently tracked long after they are cast.

Two of the three top U.S elections vendors have expressed interest in potentially incorporating the open-source software into their voting systems.

The software is being developed with Galois, an Oregon-based company separately creating a secure voting system prototype under contract with the Pentagon’s advanced research agency, DARPA. Dubbed “ElectionGuard,” it will be available this summer, Microsoft says, with early prototypes ready to pilot for next year’s U.S. general elections.

CEO Satya Nadella announced the initiative Monday at a developer’s conference in Seattle, saying the software development kit would help “modernize all of the election infrastructure everywhere in the world.”

Three little-known U.S. companies control about 90 percent of the market for election equipment, but have long faced criticism for poor security, antiquated technology and insufficient transparency around their proprietary, black-box voting systems.

Open-source software is inherently more secure because the underlying code is easily scrutinized by outside experts but has been shunned by the dominant vendors whose customers — the nation’s 10,000 election jurisdictions — are mostly strapped for cash.

None offered bids when Travis County, Texas, home to Austin, sought to build a system with the “end-to-end” verification attributes that ElectionGuard promises to deliver.

MORE