Security News > 2021 > March > Casting a Wide Intrusion Net: Dozens Burned With Single Hack
Nimble, highly skilled criminal hackers believed to operate out of Eastern Europe hacked dozens of companies and government agencies on at least four continents by breaking into a single product they all used.
Operating system companies such as Microsoft have long been bull's-eyes - with untold thousands of installations of its Exchange email server being violated globally in the past few weeks, mostly after the company issued a patch and disclosed that Chinese state hackers had penetrated the program.
The hack of up to 100 Accellion customers, who were easily identified by the hackers with an online scan, puts in painful relief a digital age core mission at which both governments and the private sector have been falling short.
Members of Congress are already dismayed by the supply-chain hack of the Texas network management software company SolarWinds that allowed suspected Russian state-backed hackers to tiptoe unnoticed - apparently intent solely on intelligence-gathering - for more than half a year through the networks of at least nine government agencies and more than 100 companies and think tanks.
The Accellion hack was different in one key respect: Its file-transfer program resided on victims' networks either as a stand-alone appliance or cloud-based app.
The Washington state auditor says its hack occurred on Christmas.