Politico EU is reporting that Microsoft Outlook was used to trigger a hack on the German government’s computer network. There’s the horrible possibility of an email attachment opening in Outlook without human intervention.
Various Foreign Office (Auswärtiges Amt) government computers were infected with a dormant program, no word on how that was done.
The dormant malware was then trigged by an email with attachment which, allegedly, was opened automatically by Microsoft Outlook. The opened attachment triggers the main program into action.
An unnamed IT security researcher describes the attack as “elegant, because it is inconspicuous”
The German Foreign Office was the ultimate target with 17 computers infected at the office.
The Turla hacking group are suspected as are Russian hackers but it’s not known what evidence there is to support that.
Silence from Redmond
Microsoft hasn’t commented which is a shame.
Even the possibility of Outlook opening/running attachments without human intervention is a great worry. Instead of a stony silence, it would be nice to know that the company is investigating and the result of that enquiry.
Maybe the reports are untrue and the email uses some wording to trick people into opening the attachment? That’s the normal way infected attachments get access to a computer.
In the meantime, we mere Microsoft paying customers are left to worry. Make sure our anti-virus software (Windows Defender/Security) is up to date as well as Office and Windows.