The attack on Microsoft may be worse than announced and is pointed directly at China
For a week we have been learning details about the great attack that Microsoft has received and the tension increases.
What seemed like one more piece of news on March 2 has become more serious as the days go by. Microsoft announced then that it had received an attack through a vulnerability detected in Microsoft Exchange. This led to the theft of passwords from at least 30,000 accounts, but the information has taken on a new tone as more details are known.
As reported in The Verge, on Friday some specialists commented that the attack received on the email server comes from a Chinese hacking group called Hafnium which is sponsored by the same government.
But days later the numbers have increased and at this time they have already doubled. It is alerted that 60,000 Microsoft Enchange customers have been reached, but there are also reports that warn that the company had been notified since January.
At this time the MIT Technology Review has reported what can there be at least 5 other hacker groups attacking Microsoft’s service and selling information obtained. So much so that even the White House has spoken out about it and speaks of a great threat, according to its press secretary Jen Psaki.
Patching and mitigation is not remediation if the servers have already been compromised. It is essential that any organization with a vulnerable server take immediate measures to determine if they were already targeted. https://t.co/HYKF2lA7sn
— National Security Council (@WHNSC) March 6, 2021
But who is affected by that vulnerability? At first it seems that Local Microsoft Exchange Server users (2010, 2013, 2016, or 2019). They all need to update the tool to make sure they are not accessing their accounts.
As reported by Microsoft: “The best protection is to use updates as soon as possible on all affected systems. We continue to assist clients by providing additional research guidance. Affected customers should contact our support teams for additional help and resources“.
From different fronts the Chinese Government is directly accused to be behind this great attack that seems to have completely overtaken Microsoft. It is possible that during the next few days we will access more information in this regard, since everyone involved seems to talk about how unusual it is turning out and it is not known if it is controlled.