More than 20,000 US organizations compromised through Microsoft flaw

Microsoft has said a state-sponsored hacking group operating out of China is exploiting previously unknown security flaws in its Exchange email services to steal data from business users. (AFP / GERARD JULIEN)
Microsoft has said a state-sponsored hacking group operating out of China is exploiting previously unknown security flaws in its Exchange email services to steal data from business users. (AFP / GERARD JULIEN)
Short Url
Updated 06 March 2021

More than 20,000 US organizations compromised through Microsoft flaw

More than 20,000 US organizations compromised through Microsoft flaw
  • The hacks are continuing despite emergency patches issued by Microsoft on Tuesday
  • Microsoft and the person working with the US response blamed the initial wave of attacks on a Chinese government-backed actor

WASHINGTON: More than 20,000 US organizations have been compromised through a back door installed via recently patched flaws in Microsoft Corp’s email software, a person familiar with the US government’s response said on Friday.
The hacking has already reached more places than all of the tainted code downloaded from SolarWinds Corp, the company at the heart of another massive hacking spree uncovered in December.
The latest hack has left channels for remote access spread among credit unions, town governments and small businesses, according to records from the US investigation.
Tens of thousands of organizations in Asia and Europe are also affected, the records show.
The hacks are continuing despite emergency patches issued by Microsoft on Tuesday.
Microsoft, which had initially said the hacks consisted of “limited and targeted attacks,” declined to comment on the scale of the problem on Friday but said it was working with government agencies and security companies to provide help to customers.
It added, “impacted customers should contact our support teams for additional help and resources.”
One scan of connected devices showed only 10% of those vulnerable had installed the patches by Friday, though the number was rising.
Because installing the patch does not get rid of the back doors, US officials are racing to figure out how to notify all the victims and guide them in their hunt.
All of those affected appear to run Web versions of email client Outlook and host them on their own machines, instead of relying on cloud providers. That may have spared many of the biggest companies and federal government agencies, the records suggest.
The federal Cybersecurity and Infrastructure Security Agency did not respond to a request for comment.
Earlier on Friday, White House press secretary Jen Psaki told reporters that the vulnerabilities found in Microsoft’s widely used Exchange servers were “significant,” and “could have far-reaching impacts.”
“We’re concerned that there are a large number of victims,” Psaki said.
Microsoft and the person working with the US response blamed the initial wave of attacks on a Chinese government-backed actor. A Chinese government spokesman said the country was not behind the intrusions.
What started as a controlled attack late last year against a few classic espionage targets grew last month to a widespread campaign. Security officials said that implied that unless China had changed tactics, a second group may have become involved.
More attacks are expected from other hackers as the code used to take control of the mail servers spreads.
The hackers have only used the back doors to re-enter and move around the infected networks in a small percentage of cases, probably less than 1 in 10, the person working with the government said.
“A couple hundred guys are exploiting them as fast as they can,” stealing data and installing other ways to return later, he said.
The initial avenue of attack was discovered by prominent Taiwanese cyber researcher Cheng-Da Tsai, who said he reported the flaw to Microsoft in January. He said in a blog post that he was investigating whether the information leaked.
He did not respond to requests for further comment.


Evergrow signs $400m loan to restructure debts

Evergrow signs $400m loan to restructure debts
Updated 22 April 2021

Evergrow signs $400m loan to restructure debts

Evergrow signs $400m loan to restructure debts
  • $74 million of loan will finance construction of fertilizer plant in Sadat City
  • Mashreq Bank and National Bank of Egypt led 12-bank syndicate

RIYADH: Egyptian fertilizer company Evergrow has signed a $400 million loan agreement with a syndicate of 12 banks led by Mashreq Bank and the National Bank of Egypt (NBE), who acted as the facility arrangers, Asharq reported citing a joint statement on Wednesday.

The plan consists of $326 million that will be used to restructure previous debts Evergrow owes to the same banks, while the remaining $74 million will finance the construction of the third phase of the company’s fertilizer plant in Sadat City, slated for completion within nine months.

The financing is one of the largest dollar loans granted by banks to private sector companies in the Egyptian market in the field of potassium fertilizers during the past 10 years.

The deal is part of Evergrow’s financial reform program sponsored by the Central Bank of Egypt.

The new funds will help raise the annual production capacity of all the company’s products from 817,000 tons currently to 1.15 million tons annually, said Evergrow Chairman Mohamed El Kheshen.

Egypt’s Minister of Trade and Industry Neveen Gamea in March said that Egypt aims to increase its exports — especially to EU, African and Arab markets — to $100 billion, through the implementation of a strategic plan.


Turkish crypto founder flees with reported $2bn

Turkish crypto founder flees with reported $2bn
Updated 22 April 2021

Turkish crypto founder flees with reported $2bn

Turkish crypto founder flees with reported $2bn
  • Launched aggressive campaigns to lure investors
  • Founder reported to have flown to either Albania or Thailand
ISTANBUL: Turkish prosecutors on Thursday opened an investigation after the Istanbul-based founder of a cryptocurrency exchange shut down his site and fled the country with a reported $2 billion in investors’ assets.
The Thodex website went dark after posting a mysterious message saying it was suspending trading for five days on Wednesday because of an unspecified outside investment.
Turkish security officials then released a photo of Thodex founder Faruk Fatih Ozer going through passport control at Istanbul airport on his way to an unspecified location.
Local media reports said Ozer — reported to be either 27 or 28 years old — had flown either to Albania or Thailand.
HaberTurk and other media said Thodex shut down after running a promotional campaign that sold Dogecoins at a big rebate — but did not allow investors to sell.
Reports said the website and the entire exchange had shut down while holding at least $2 billion from 391,000 investors.
“The victims are panicked,” investors’ lawyer Oguz Evren Kilic was quoted as saying by HaberTurk.
“They are lodging complaints at prosecutors’ offices in the cities they reside.”
Prosecutors launched an investigation into the businessman on charges of “aggravated fraud and founding a criminal organization,” the private DHA news agency said.
Thodex has launched aggressive campaigns to lure investors.
It had first pledged to distribute luxury cars through a flashy advertising campaign featuring famous Turkish models.
The platform then launched its Dogecoin drive.
The cryptocurrency is getting particularly popular among Turks who are looking to preserve their saving in the middle of a sharp decline in the value of the local lira.
The Turkish crypto market remains unregulated despite growing skepticism from President Recep Tayyip Erdogan’s government about the safety and use of digital currencies.
The Turkish central bank has decided to ban the use of crypto currencies in payments for goods and services starting from April 30.
It warned that cryptos “entail significant risks” because the market is volatile and lacks oversight.
“Wallets can be stolen or used unlawfully without the authorization of their holders,” the central banks warned last week.

Riyadh property prices rise 2% in Q1 even as rents fall

Riyadh property prices rise 2% in Q1 even as rents fall
Updated 22 April 2021

Riyadh property prices rise 2% in Q1 even as rents fall

Riyadh property prices rise 2% in Q1 even as rents fall
  • Mortgages rise, underpinning demand
  • Office sector remains under pandemic pressure

RIYADH: Property prices in the Saudi capital edged higher in the first quarter even as rental rates eased, JLL said.
Riyadh’s residential sale prices registered an annual increase of 2 percent for apartments and villas. By contrast, rental rates reported yearly declines of 1 percent for apartments and villas, it said. Some 7,700 homes were handed over during the period, the broker said.
“Looking ahead, the government initiatives that are pushing Riyadh to be the business hub of the region are expected to spur local and international demand,” JLL said in the report.
It said that strong government support helped to boost demand for residential property in the first three months of the year.
New mortgage loans for individuals jumped by 33,000 contracts in January 2021, it said.
The total value of mortgages increased to SR16.4 billion, according to the Saudi Arabia Monetary Agency (SAMA).
The Riyadh office market remains under pressure with average lease rates across a basket of Grade A & B office spaces in the city falling by 2 percent over the quarter compared to a year earlier.


IATA predicts Middle East airline losses of $4.2 billion in 2021

IATA predicts Middle East airline losses of $4.2 billion in 2021
Updated 22 April 2021

IATA predicts Middle East airline losses of $4.2 billion in 2021

IATA predicts Middle East airline losses of $4.2 billion in 2021
  • Airlines will burn through $81 billion of cash this year
  • Industry crisis much longer and deeper than expected

RIYADH: Middle Eastern airlines will endure losses of $4.2 billion in 2021, down from $7.9 billion in 2020, as pandemic travel restrictions remain in place in much of the world, according to the International Air Transport Association (IATA).
Losses will be equal to 13.8 percent of revenues in 2021, an improvement from 28.9 percent in 2020, but still an historically bad number. Demand will be 67.6 percent lower than 2019 levels, while capacity will shrink 58.9 percent, IATA said.
While the region’s carriers will benefit from some of the highest vaccination rates globally, their relatively small home markets mean airlines like Emirates, Etihad and Qatar Airways will remain heavily exposed to international travel restrictions.
Globally, airline industry losses will narrow to $47.7 billion in 2021 from $126.4 billion in 2020, IATA said.
Airlines will burn through $81 billion of cash this year, following $149 billion in 2020, while the industry has taken on a further $220 billion of debt for a burden of $651 billion, IATA said.
“This crisis is longer and deeper than anyone could have expected,” said IATA Director General Willie Walsh. “Losses will be reduced from 2020, but the pain of the crisis increases. Government imposed travel restrictions continue to dampen the strong underlying demand for international travel.”


L&T Construction to build oil and gas supply base in King Salman Energy Park

L&T Construction to build oil and gas supply base in King Salman Energy Park
Updated 22 April 2021

L&T Construction to build oil and gas supply base in King Salman Energy Park

L&T Construction to build oil and gas supply base in King Salman Energy Park
  • The contract is valued at between $133m and $332m

RIYADH: Indian contractor Larsen & Toubro has been appointed by Oilfields Supply Company Saudi to design and build what it describes as one of the world’s largest oil and gas supply bases, in King Salman Energy Park in Dammam.

The project, valued at between INR1,000 crore ($133.3 million) and INR2,500 crore, involves the construction of industrial facilities, an administration building, ancillary buildings, associated infrastructure and storage yards, and is scheduled for completion in 30 months, L&T said in an emailed statement.

“This project will act as a business incubator to support the oil and gas industry in the Kingdom and help accelerate industrial growth in the energy sector,” said M. V. Satish, senior executive vice president (Buildings), L&T.