A week after the hacker attack was reported, security experts are still concerned about the damage caused by the attack on the Microsoft Exchange email service.
The attack mainly targeted hundreds of thousands of Microsoft Exchange users around the world. According to Microsoft, the remaining four “vulnerabilities” in the program allowed the hackers to gain access to the servers of the popular email and calendar service. The company asked its users to update their systems with software fixes as soon as possible – CNN News Portal reported.
The White House has also joined the investigation, and several US government agencies are currently investigating the attack.
Since the breach was reported last Tuesday, a slew of additional threats have been exploited on newer Exchange servers, which have yet to be updated, Symantec cybersecurity program reported Monday.
What we know so far about the hacker attack
Microsoft attributed the attack to a hacker network called Hafnium, a group allegedly working with the help of the Chinese state.
Microsoft said that although Hafnium has its headquarters in China, it usually uses VPNs in the United States. Company ”As a sophisticated and highly trained groupHe mentioned the illegal company.
The Chinese Ministry of Foreign Affairs said that the state “Firmly opposes and fights all forms of cyber attacks and thefts against the law“.
Who were the targets of the attacks?
A US official told CNN that an estimated 30,000 users were affected by the hacking attack in the United States and 250,000 customers worldwide by Saturday, but that number has increased since then.
The breach mainly affected business and government clients who use Microsoft Exchange Server. According to Microsoft,There is no evidence that Hafnium’s activities were aimed at individual users or that these exploits would affect other Microsoft products.“.
What was the purpose of the hackers?
The attack was intended to reach the email systems of the target organizations. Hackers usually try to obtain email addresses and address books, and their goal is to gain access to a database of user accounts.
One of the victims of the hacker attack said the attackers used unauthorized access to communicate with his contacts. Each letter contained links asking people to click on them.
Hackers can also install additional malware to facilitate continuous and long-term access to victims’ systems, including files, mailboxes, and credentials stored there.
How can we defend against an attack of hackers?
Microsoft last week released emergency security updates for customers using Exchange Server.
„We strongly recommend that all Exchange Server clients apply these updates immediatelyMicrosoft said in a statement.
White House spokesperson Jane Saki and Jake Sullivan, national security advisers across the country, also called on IT officials to install software patches immediately.
The US Cybersecurity Agency (CISA) warned last week that if the issue is not addressed, the malicious activity willIt could allow an attacker to take control of an entire corporate network“.
We’ve written about it before Hackers have landed on the United States. At least since March of last year, there has been a widespread cyber attack that allowed hackers to infiltrate the computer network of US government institutions and major infrastructure facilities.
In February this year There was also a cyber attack on Hungarian government websitesThat was then successfully eliminated. Together they launched a so-called cyber crowding attack on government websites from multiple IP addresses and multiple computers at the same time – in an effort to block the servers running them by sending large amounts of messages. For this reason, visitors to the site have not been able to access certain services for some time.
The pirates did not stop during the epidemic, Cyber criminals are also trying to take advantage of the epidemic. The criminals either turned themselves in to members of the health authorities or offered defective protective equipment for sale. In Hungary, users have been attacked by fake web stores that offer face masks and spam.
Learn more about Hacker and Cyber Warrior defending in the past World War II in cyberspace: There is nothing good or bad about electronic warfare, only the interests of the state From our article.
From the second part of the article Among other things, it turns out why a home robotic vacuum cleaner can be dangerous from a cybersecurity point of view.
However, this is important to note Only society as a whole can work effectively for cybersecurity.
Cover photo illustration.