The latest major network security breach in the US advertises the advantages of the cloud, but also emphasises the greater perils faced by organisations as superpower hacking continues to escalate.
To recap: Microsoft warned in a blog post last Tuesday that on-premises versions of Microsoft Exchange Server had come under attack, opening up access to email accounts and allowing the installation of malware for further snooping. It blamed Hafnium, a group of state-sponsored hackers based in China. Exchange Online was not affected and Microsoft made patches available to close the holes.
Late on Thursday, Jake Sullivan, US National Security Adviser, said in a tweet that the White House was “tracking . . . reports of potential compromises of US think tanks and defence industrial base entities”. Brian Krebs, a cyber security researcher, claimed in a blog post on Friday that at least 30,000 organisations “including a significant number of small businesses, towns, cities and local governments” had been hacked in the past few days. Microsoft said there were now multiple malicious actors exploiting the vulnerability.
Over the weekend, the White House dealt with what it described as “an active threat still developing” by setting up a task force for “a whole of government response”. The New York Times reported the Biden administration was already planning over the next three weeks “a series of clandestine actions across Russian networks that are intended to be evident to President Vladimir V. Putin and his intelligence services and military but not to the wider world”.
The cyber attacks would be in retaliation for last year’s SolarWinds hack of network management software that gave access to some 18,000 organisations’ systems. It’s unclear what Russia and China were seeking from their separate breaches, but as a show of their cyber powers, it is now set to be matched by one from the US.
Companies and organisations need to be more aware their networks are soft targets and cloud providers should be alert to their services being used to disguise the source of attacks. Individuals may be more exercised right now about the decision by LastPass to start charging users for its password manager from next week, if they still want to use it for access to protected sites from all their devices.
The Internet of (Five) Things
1. Deliveroo on its bike for IPO
Deliveroo has unveiled its plans for its London stock market debut as it revealed a 54 per cent growth in sales but losses of £224m in 2020. The filing by the Amazon-backed online food ordering company includes details of a dual-class share structure that would give Will Shu, its co-founder and chief executive, 20 votes a share. Lex says not turning a profit in a year when sales were up more than half is concerning.
2. Shadow over Coupang’s New York listing
South Korea’s answer to Amazon is expected to soar past a $50bn valuation when it lists in New York this week. But back in Seoul, reports Song Jung-a, the ecommerce company, backed by the likes of SoftBank, Sequoia and BlackRock, is facing political pressure and police inquiries over a series of injuries and deaths among its workers.
#techFT brings you news, comment and analysis on the big companies, technologies and issues shaping this fastest moving of sectors from specialists based around the world. Click here to get #techFT in your inbox.
3. Deals suggest more hybrid working
WeWork rival IWG, the world’s largest flexible office company, has signed up its biggest customer to date, Japanese telco NTT, in a record start to the year that signals an appetite for more hybrid working after the coronavirus. In London, employers want new, high-specification offices to tempt staff away from their homes, but the glut of supply is mostly smaller, second-hand space on short leases.
4. The race to scale up green hydrogen
For decades, hydrogen has been hailed as a potentially revolutionary alternative to fossil fuels but its high costs and complexities have stunted attempts at creating whole new economies. Can the gas help solve the world’s dirtiest energy problems? asks today’s Big Read.
5. NBA cashes in on NFTs
Everyone now seems to be looking to cash in on non-fungible tokens, the crypto keys to exclusive online ownership of items. The National Basketball Association was early with its NFT slam dunks, explains our Scoreboard team. Its NBA Top Shot is earning big dollars for short clips of major highlights.
Tech week ahead
Tuesday: Games platform Roblox will set a “reference price” ahead of its direct listing on Wednesday.
Wednesday: Business software company Oracle will report its third-quarter earnings after the market close. Korean ecommerce group Coupang‘s IPO takes place in New York.
Thursday: Strong online retail demand is set to bolster Chinese ecommerce retailer JD.com when it reports earnings.
Friday: Microsoft president Brad Smith appears before Congress to answer questions on competition issues before a House Judiciary committee.
Tech tools — Xiaomi’s Redmi Note 10
The Chinese handset maker has just announced it is expanding its line-up of mid-range smartphone devices in the UK with the Redmi Note 10 Pro and later this year, the Redmi Note 10S and Redmi Note 10 5G. With the Pro, it’s all about the camera with a 108MP sensor and both pro and telemacro time-lapse video shooting. It has a fingerprint sensor, a 6.7in AMOLED display and is available in Onyx Gray, Glacier Blue and Gradient Bronze. Pocket-Lint says the Pro is the model to go for. It’s available in April, with pricing still to be announced.