A number of European Union institutions, including the European Commission, were the targets of a recent cyber attacks aimed at their IT infrastructure, Bloomberg has revealed.
The cyber attacks were disclosed by a European Commission spokesperson who said that several EU institutions “experienced an IT security incident in their IT infrastructure” last week and that forensic analysis has been initiated to investigate the nature of the attack.
“We are working closely with CERT-EU, the Computer Emergency Response Team for all EU institutions, bodies, and agencies, and the vendor of the affected IT solution. Thus far, no major information breach was detected,” the spokesperson said, indicating that hackers exploited flaws in an IT solution used by all these institutions to target their IT infrastructure.
It is, however, not clear if the EU bodies were targeted through exploits leveraging vulnerabilities in Microsoft Exchange server, Solarwind’s Orion platform, or flaws in an IT monitoring platform offered by Centreon to organisations worldwide. The European Commission said that, so far, no evidence of any data breach has been found.
“The Commission has set up a 24/7 monitoring services and is actively taking mitigating measures. No major information breach was detected so far, although forensic analysis of the intrusion attempts is still in the initial phase, and no conclusive information is available.
“Let me use this occasion to recall that we take cybersecurity very seriously and apply strict policies to protect our infrastructures and devices. We investigate every incident,” the spokesperson added.
The announcement comes not long after hackers exploited security flaws in Microsoft Exchange to compromise several servers owned by the European Banking Authority, the Paris-based regulatory agency of the European Union which regulates European banks on standards like transparency and strong capital structures.
A few days after the intrusion took place, EBA said it successfully secured its email infrastructure and could confirm that hackers did not exfiltrate any data from the affected servers and that the breach was only limited to its email servers.
According to Microsoft’s Threat Intelligence Center, previously-unknown vulnerabilities in Microsoft’s on-premises Exchange server software was recently exploited by Hafnium, a China-based hacker group, to target organisations worldwide.
According to security researcher Brian Krebs, the Chinese hacker group successfully hacked at least 30,000 organisations across the U.S., and is moving quickly to target as many organisations worldwide as possible before the vulnerable Exchange servers are patched by their owners.