The breach was discovered in early January and was attributed to Chinese cyber spies who were aiming for US policy think tanks. Then, at the end of February, five days before Microsoft Corp. launching a patch on March 2, there was an explosion of infiltrations from other intruders, hitchhiking on the initial breach.
The White House earlier this month described the hack as an “active threat” that was being addressed by senior national security officials. The government’s response is being led by Deputy National Security Advisor Anne Neuberger, who has called on government officials and private sector experts to think of solutions, mainly because smaller companies often lack the resources to contain cyber attacks and clean up after hacks. .
Since the tool’s launch, the number of vulnerable systems has dropped to less than 10,000 from at least 120,000 at the peak.
Although Microsoft has received considerable criticism for being the provider of software exploited by elite hackers, Charles Carmakal, senior vice president and technical director of the prominent cyber security firm FireEye, said Microsoft, based in Redmond, Wash. , You deserve credit for working hard to help the people running your software defend themselves.
He cited, in particular, the ready-to-download script that can be used to patch and see if your systems have been compromised.
“The level of effort they put into it to help companies defend themselves is incredible,” he said. “It is a difficult situation that organizations face with vulnerability in general.”