What we know about the scope of the Microsoft hack: Palo Alto Networks CEO
Nikesh Arora, Palo Alto Networks CEO and chairman, joined "Squawk Box" on Wednesday to discuss what we know about the scope of the attack on Microsoft's exchange servers, which targeted hundreds of thousands of government offices, small business and schools. To see more of the interview with Arora sign up for a free trial to CNBC Pro: https://cnb.cx/3cio5ND
One week ago, Microsoft disclosed that Chinese hackers were gaining access to organizations’ email accounts through vulnerabilities in its Exchange Server email software and issued security patches.
The hack will probably stand out as one of the top cybersecurity events of the year, because Exchange is still widely used around the world. It could lead companies to spend more on security software to prevent future hacks, and to move to cloud-based email instead of running their own email servers in-house.
IT departments are working on applying the patches, but that takes time and the vulnerability is still widespread. On Monday, internet security company Netcraft said it had run an analysis over the weekend and observed over 99,000 servers online running unpatched Outlook Web Access software.
Shares of Microsoft stock have fallen 1.3% since March 1, the day before the company disclosed the issues, while the S&P 500 index is down 0.7% over the same period.
Here’s what you need to know about the Microsoft cyberattacks:
What happened?
On March 2, Microsoft said there were vulnerabilities in its Exchange Server mail and calendar software for corporate and government data centers. The company released patches for the 2010, 2013, 2016 and 2019 versions of Exchange.
Generally, Microsoft releases updates on Patch Tuesday, which occurs on the second Tuesday of each month, but the announcement about attacks on the Exchange software came on the first Tuesday, emphasizing its significance.
Microsoft also took the unusual step of issuing a patch for the 2010 edition, even though support for it ended in October. “That means the vulnerabilities the attackers exploited have been in the Microsoft Exchange Server code base for more than 10 years,” security blogger Brian Krebs wrote in a Monday blog post.
Hackers had initially pursued specific targets, but in February they started going after more servers with the vulnerable software that they could spot, Krebs wrote.
Are people exploiting the vulnerabilities?
Yes. Microsoft said the main group exploiting vulnerabilities is a nation-state group based in China that it calls Hafnium.
When did the attacks start?
Attacks on the Exchange software started in early January, according to security company Volexity, which Microsoft gave credit to for identifying some of the issues.
How does the attack work?
Tom Burt, a Microsoft corporate vice president, described in a blog post last week how an attacker would go through multiple steps:
First, it would gain access to an Exchange Server either with stolen passwords or by using the previously undiscovered vulnerabilities to disguise itself as someone who should have access. Second, it would create what’s called a web shell to control the compromised server remotely. Third, it would use that remote access – run from the U.S.-based private servers – to steal data from an organization’s network.
Among other things, attackers installed and used software to take email data, Microsoft said.
Do the flaws affect cloud services like Office 365?
No. The four vulnerabilities Microsoft disclosed do not affect Exchange Online, Microsoft’s cloud-based email and calendar service that’s included in commercial Office 365 and Microsoft 365 subscription bundles.
» Subscribe to CNBC TV: https://cnb.cx/SubscribeCNBCtelevision
» Subscribe to CNBC: https://cnb.cx/SubscribeCNBC
» Subscribe to CNBC Classic: https://cnb.cx/SubscribeCNBCclassic
Turn to CNBC TV for the latest stock market news and analysis. From market futures to live price updates CNBC is the leader in business news worldwide.
The News with Shepard Smith is CNBC’s daily news podcast providing deep, non-partisan coverage and perspective on the day’s most important stories. Available to listen by 8:30pm ET / 5:30pm PT daily beginning September 30: https://www.cnbc.com/2020/09/29/the-news-with-shepard-smith-podcast.html?__source=youtube%7Cshepsmith%7Cpodcast
Connect with CNBC News Online
Get the latest news: http://www.cnbc.com/
Follow CNBC on LinkedIn: https://cnb.cx/LinkedInCNBC
Follow CNBC News on Facebook: https://cnb.cx/LikeCNBC
Follow CNBC News on Twitter: https://cnb.cx/FollowCNBC
Follow CNBC News on Instagram: https://cnb.cx/InstagramCNBC
https://www.cnbc.com/select/best-credit-cards/
#CNBC
#CNBCTV
Видео What we know about the scope of the Microsoft hack: Palo Alto Networks CEO канала CNBC Television
One week ago, Microsoft disclosed that Chinese hackers were gaining access to organizations’ email accounts through vulnerabilities in its Exchange Server email software and issued security patches.
The hack will probably stand out as one of the top cybersecurity events of the year, because Exchange is still widely used around the world. It could lead companies to spend more on security software to prevent future hacks, and to move to cloud-based email instead of running their own email servers in-house.
IT departments are working on applying the patches, but that takes time and the vulnerability is still widespread. On Monday, internet security company Netcraft said it had run an analysis over the weekend and observed over 99,000 servers online running unpatched Outlook Web Access software.
Shares of Microsoft stock have fallen 1.3% since March 1, the day before the company disclosed the issues, while the S&P 500 index is down 0.7% over the same period.
Here’s what you need to know about the Microsoft cyberattacks:
What happened?
On March 2, Microsoft said there were vulnerabilities in its Exchange Server mail and calendar software for corporate and government data centers. The company released patches for the 2010, 2013, 2016 and 2019 versions of Exchange.
Generally, Microsoft releases updates on Patch Tuesday, which occurs on the second Tuesday of each month, but the announcement about attacks on the Exchange software came on the first Tuesday, emphasizing its significance.
Microsoft also took the unusual step of issuing a patch for the 2010 edition, even though support for it ended in October. “That means the vulnerabilities the attackers exploited have been in the Microsoft Exchange Server code base for more than 10 years,” security blogger Brian Krebs wrote in a Monday blog post.
Hackers had initially pursued specific targets, but in February they started going after more servers with the vulnerable software that they could spot, Krebs wrote.
Are people exploiting the vulnerabilities?
Yes. Microsoft said the main group exploiting vulnerabilities is a nation-state group based in China that it calls Hafnium.
When did the attacks start?
Attacks on the Exchange software started in early January, according to security company Volexity, which Microsoft gave credit to for identifying some of the issues.
How does the attack work?
Tom Burt, a Microsoft corporate vice president, described in a blog post last week how an attacker would go through multiple steps:
First, it would gain access to an Exchange Server either with stolen passwords or by using the previously undiscovered vulnerabilities to disguise itself as someone who should have access. Second, it would create what’s called a web shell to control the compromised server remotely. Third, it would use that remote access – run from the U.S.-based private servers – to steal data from an organization’s network.
Among other things, attackers installed and used software to take email data, Microsoft said.
Do the flaws affect cloud services like Office 365?
No. The four vulnerabilities Microsoft disclosed do not affect Exchange Online, Microsoft’s cloud-based email and calendar service that’s included in commercial Office 365 and Microsoft 365 subscription bundles.
» Subscribe to CNBC TV: https://cnb.cx/SubscribeCNBCtelevision
» Subscribe to CNBC: https://cnb.cx/SubscribeCNBC
» Subscribe to CNBC Classic: https://cnb.cx/SubscribeCNBCclassic
Turn to CNBC TV for the latest stock market news and analysis. From market futures to live price updates CNBC is the leader in business news worldwide.
The News with Shepard Smith is CNBC’s daily news podcast providing deep, non-partisan coverage and perspective on the day’s most important stories. Available to listen by 8:30pm ET / 5:30pm PT daily beginning September 30: https://www.cnbc.com/2020/09/29/the-news-with-shepard-smith-podcast.html?__source=youtube%7Cshepsmith%7Cpodcast
Connect with CNBC News Online
Get the latest news: http://www.cnbc.com/
Follow CNBC on LinkedIn: https://cnb.cx/LinkedInCNBC
Follow CNBC News on Facebook: https://cnb.cx/LikeCNBC
Follow CNBC News on Twitter: https://cnb.cx/FollowCNBC
Follow CNBC News on Instagram: https://cnb.cx/InstagramCNBC
https://www.cnbc.com/select/best-credit-cards/
#CNBC
#CNBCTV
Видео What we know about the scope of the Microsoft hack: Palo Alto Networks CEO канала CNBC Television
Показать
Комментарии отсутствуют
Информация о видео
Другие видео канала
![Palo Alto Networks and Arista Networks CEOs Reveal Secrets to a Successful Cloud Journey](https://i.ytimg.com/vi/hA6QiyRxhTY/default.jpg)
![WEBINAR: Inside Look A Career in Sales at Palo Alto Networks](https://i.ytimg.com/vi/QUQEDaZ6N3o/default.jpg)
![Palo Alto Networks Vision and Strategic Direction](https://i.ytimg.com/vi/hFn1UvfcGYM/default.jpg)
![The Rise Of Wind Power In The U.S.](https://i.ytimg.com/vi/b5GOsZCWRv4/default.jpg)
![Adidas CEO discusses outlook for the next 5 years](https://i.ytimg.com/vi/D0ougOUiqtk/default.jpg)
![Early Roblox investor on the future of the platform](https://i.ytimg.com/vi/JVjnosarLLs/default.jpg)
![Live Fireside Chat: Bridgecrew and Palo Alto Networks on the future of cloud security](https://i.ytimg.com/vi/iaGWt2O92Ss/default.jpg)
![Microsoft email hack: How does the attack work? What Microsoft is doing? English News](https://i.ytimg.com/vi/ww75nheXb0s/default.jpg)
![Palo Alto CEO on data security's future - Davos 2019](https://i.ytimg.com/vi/O0Gy9QWmf4g/default.jpg)
![Cybersecurity Innovation Starts Here](https://i.ytimg.com/vi/4dU7dIfQ0Ic/default.jpg)
![Zynga CEO Frank Gibeau on entering the cross-platform market](https://i.ytimg.com/vi/0vj_s2xRJZk/default.jpg)
![SoftBank's Looking to Invest Right Now](https://i.ytimg.com/vi/9-hTqs9lcFg/default.jpg)
![Ignite '19 Keynote - Nikesh Arora](https://i.ytimg.com/vi/oHTfoAP4Il0/default.jpg)
![What the Microsoft email hack reveals about U.S. preparation: Joanne Lipman](https://i.ytimg.com/vi/mApaY8Xf7Tc/default.jpg)
![Palo Alto Networks Prisma Public Cloud Overview](https://i.ytimg.com/vi/XMeb6r7EM8g/default.jpg)
![10 Stocks the Smart Money is Buying for 2021](https://i.ytimg.com/vi/X7hr1VDufA0/default.jpg)
![India Today Conclave: Nikesh Arora Speaks On The World According To Google](https://i.ytimg.com/vi/y5OF-3tHxiI/default.jpg)
![Microsoft: Chinese government accountable for cyber attacks on 'exchange server' | US | World News](https://i.ytimg.com/vi/uQh2I_ONhdY/default.jpg)
![Cybercrime could cost $10.5 trillion dollars by 2025](https://i.ytimg.com/vi/P6x4GhjDVHY/default.jpg)
![Machine Learning Zero to Hero (Google I/O'19)](https://i.ytimg.com/vi/VwVg9jCtqaU/default.jpg)