+

Cookies on the Business Insider India website

Business Insider India has updated its Privacy and Cookie policy. We use cookies to ensure that we give you the better experience on our website. If you continue without changing your settings, we\'ll assume that you are happy to receive all cookies on the Business Insider India website. However, you can change your cookie setting at any time by clicking on our Cookie Policy at any time. You can also see our Privacy Policy.

Close
HomeQuizzoneWhatsappShare Flash Reads
 

At least 30,000 US organizations, small businesses and government offices were victims of Microsoft Exchange hack: Krebs

Mar 7, 2021, 02:46 IST
Business Insider
Microsoft's CEO Satya NadellaTobias Schwarz/Getty Images
  • An espionage group has hacked some 30,000 US organizations over the past few days, KrebsOnSecurity reported.
  • Microsoft released several security updates to its Exchange email product to combat the hack.
  • The group was able to target businesses and local government agencies, according to KrebsOnSecurity.
Advertisement

At least 30,0000 organizations across the US have been hacked over the last few days through flaws in Microsoft's Exchange server email software, sources familiar with the matter told KrebsOnSecurity.

The "unusually aggressive Chinese cyber espionage unit" that Microsoft calls "Hafnium" is focusing on stealing emails from a range of victims, including companies, small businesses, and local governments, Krebs said.

The group exploited four flaws in Microsoft's Exchange servers. The bugs gave attackers full remote control over the affected systems.

With each hacking incident, the group left behind a hacking tool called "web shell" that is protected by an easy password and could be accessed from any internet browser, the cybersecurity blog said. This tool allowed hackers to have administrative access to computer servers.

Microsoft released a security update this week to patch Exchange versions from 2013 to 2019. Microsoft recommended users immediately install updates to the Exchange product, which is primarily used by business customers. The company also said that it informed appropriate US government agencies about the breach.

Advertisement

Microsoft said the email system is used by organizations including companies, infectious disease researchers, defense contractors, law firms, NGOs, and universities.

The purported Chinese hacking group is responsible for seizing control over hundreds of thousands of Microsoft Exchange servers worldwide, two anonymous cybersecurity experts told KrebsOnSecurity.

Chinese Foreign Ministry spokesman Wang Wenbin responded to Microsoft's accusations in a Wednesday press briefing, saying there was not enough evidence to draw a conclusion on the Exchange hack's origins, according to Bloomberg.

This is the eighth time in the last 12 months that Microsoft has publicly reported state-sponsored hacks.

White House Press Secretary Jen Psaki said in a press briefing on Friday that the weaknesses found in Microsoft's Exchange Servers were "significant."

Advertisement

"We're concerned that there are a large number of victims," she added.

The Prague municipality and the Czech Ministry for Labor and Social Affairs were impacted by the Hafnium server breach, according to Reuters who cited a European cyber official briefed on the issue.

You are subscribed to notifications!
Looks like you've blocked notifications!
Next Article