It has been quite a week for cyberattacks, one that left the world’s public and private sectors once again scrambling to determine if they have been hit — and if so, what damage has been done. The US Cybersecurity and Infrastructure Security Agency (CISA) issued an alert on Twitter March 8 urging “ALL organizations across ALL sectors to follow guidance to address the widespread domestic and international exploitation” of four vulnerabilities in Microsoft’s Exchange email application, which the tech company disclosed a week ago. Microsoft’s announcement last week blamed a Chinese state-backed hacking group known as Hafnium for conducting stealth attacks on the email servers of choice targets at the beginning of the year.
Experts told The Financial Times that since attention was drawn to the flaws, there has been a flood of attacks by multiple hacking outfits — including criminal groups — rushing to compromise victims before they secure their system. At least 10 different hacking groups are using recently discovered flaws in Microsoft Corp’s mail server software to break in to targets around the world, cybersecurity company ESET said in a March 10 blog post.The European Banking Authority, two German federal ministries and Norway’s parliament are among those that have admitted being compromised.
CISA and FBI warned that adversaries could exploit these vulnerabilities to compromise networks, steal information, encrypt data for ransom, or execute a destructive attack. They encouraged government agencies and corporates to patch now or disconnect Microsoft Exchange servers from the Internet.
Estimates of the number of victims continue to vary. Seasoned cyber security researcher Brian Krebs has claimed that at least 30,000 U.S. organizations “including a significant number of small businesses, towns, cities and local governments” were hacked in the days following Microsoft’s disclosure, citing multiple sources briefed on the matter, according to the Financial Times. Other estimates have run as high as 250,000 victims. Huntress, a cyber security group focused on small businesses, told the FT it had uncovered more than 350 breached victims from among its clientele including “small hotels, an ice cream company, a kitchen appliance manufacturer, multiple senior citizen communities and other ‘less than sexy’ mid-market businesses”.
On March 9th a group of hackers separately revealed that it had breached a massive trove of security-camera data collected by Silicon Valley startup Verkada, gaining access to live feeds of 150,000 surveillance cameras inside hospitals, companies, police departments, prisons and schools. Some of the hacked cameras, including in hospitals, use facial-recognition technology to identify and categorize people captured on the footage.
The data breach was carried out by an international hacker collective who said it did it to show the pervasiveness of video surveillance and the ease with which systems could be broken into. One of the hackers, who previously claimed credit for hacking chipmaker Intel and carmaker Nissan, told Bloomberg the reasons for hacking are “lots of curiosity, fighting for freedom of information and against intellectual property, a huge dose of anti-capitalism, a hint of anarchism — and it’s also just too much fun not to do it.”
Meanwhile, a report released this week by the CyberPeace Institute details how cyberattacks on the healthcare sector have increased by 45% in the last year, posing a global threat to health. (See The Innovator’s interview of the week with CyberPeace Institute’s CEO.)
Companies and government agencies are still reeling from a Russian espionage campaign, in which the perpetrators hijacked a ubiquitous IT software product to gain access to thousands of corporate and government systems. In the wide-ranging SolarWinds hack, which included the U.S. Commerce and Treasury departments, hackers lurked within some systems for more than a year in what some experts have cast as typical intelligence-gathering activity.
That’s not all. In February the French government’s chief cybersecurity agency, the National Agency for the Security of Information Systems (ANSSI), revealed that hackers – suspected to be part of a Russian cyber-espionage group nicknamed “Sandworm” – spent up to three years exploiting a vulnerability in software designed to monitor applications, networks, and systems. The multi-year intrusion campaign, which dates back to 2017, resulted in backdoor attacks on at least 15 French organizations.
In Other News This Week
Plant-Based Food Producer Notco Granted U.S. Patent For Its AI
Chile-based alt protein company NotCo has been granted a U.S. patent for its artificial intelligence technology. NotCo, first launched its plant-based milk alternative, NotMilk, in the U.S. at the end of 2020 and has U.S.-based retail deals with Sprouts, Wegmans, and online grocer Imperfect Foods. In Latin America, it also sells a plant-based mayo, a burger-like item, and ice cream in Brazil, Chile, and Argentina. The company’s AI platform, named Giuseppe, sifts through huge datasets to find ingredient and processing combinations that would best mimic the flavor and texture of real meat or dairy in plant-based analogues. The idea is to find the types of combinations that can create a product that completely mimics traditional meat and dairy — a feat few if any plant-based protein-makers have yet to achieve.
Avant Slashes The Cost Of Its Cultured Protein
Hong Kong-based Avant Meats announced that it has achieved a 90 % reduction in the cost of producing its cultured proteins. It is best-known as the company using fish cells to create cultured fish maw and sea cucumbers, both of which are considered delicacies in Chinese cuisine. The company said it is partnering with Chinese biopharmaceutical company QuaCell to bring the cost down even further.
Swiss Maker Of Meat Alternatives Raises Funds To Expand
Planted, a spin-off of ETH Zurrich that is pursuing a unique method of creating a vegetarian chicken alternative, has raised an $18 million Series A to expand its product offerings and international footprint. With new kebabs and pulled-style faux meats available and steak-like cuts in the pipeline, Planted has begun to set its sights outside central Europe.
Mastercard Sets Sights On Digital Health Pass
Mastercard is joining forces with the International Chamber of Commerce (ICC) to offer up its technological skills in the creation of digital health pass solutions that can help accelerate the global recovery from Covid-19. The partners say that governments are currently mostly relying on a range of paper-based processes to determine the Covid-19 test results and vaccine status of travellers. Mastercard and the ICC say they want to establish an enabling environment for interoperable digital alternatives that reduce fraud and reinforce trust. They plan to work with policymakers and business leaders to make sure that governments have a “range of compatible digital health pass solutions at their fingertips to bolster their recovery strategies and protect the personal data of users everywhere”.
App Claims To ID COVID Cough By Its Sound
Scientists at Essex University have created a tool that can accurately diagnose Covid-19 just by the sound of a person’s cough.Researchers believe that their work could be used in an app to provide a much less invasive, cheaper and quicker way to test for the virus. The team used 8,380 audio samples of people coughing from hospitals in Spain and Mexico since April last year and found that the tool was 98 per cent accurate in identifying whether the samples were from people with a positive or negative coronavirus result.
GM Announces Partnership With Lithium Battery Startup
General Motors announced a partnership on March 9 with a lithium metal battery startup to boost the U.S. automaker’s battery development, allowing for higher electric vehicle driving range in a smaller package.
German Insurtech WeFox Plans Risk-Prevention Product
German insurance tech startup Wefox plans to launch a risk prevention product that will use data from smartphones and other connected devices to warn users of impending danger, its founder and CEO Julian Teicke told Reuters on Thursday.The product, to be called Wefox Prevent, is being developed by a Paris-based team recently hired from Samsung, the Korean electronics giant that has also backed Wefox, and is expected to go live next year.“We don’t just want to be an insurer that hands out policies,” Teicke told Reuters in an interview. “With this team on board we will develop into a risk prevention business, powered by technology.”
Deutsche Börse Tests Quantum Computing For Risk Models
Deutsche Börse has piloted the use of quantum algorithms to compute risk models, finding that the technology can bring down the time required for simulations from years to hours. The exchange operator worked with JoS Quantum to develop a quantum algorithm that could tackle some of the limitations facing its risk models for forecasting the financial impact of adverse external developments such as macroeconomic events, changes in competition, or new regulation.
To access more of The Innovator’s News In Context articles click here.