Chinese Hackers Exploit Microsoft Servers: How Can You Stay Safe?
These attacks have reportedly exploited four major vulnerabilities in Microsoft Exchange Server 2013, 2016 and 2019.
US Technology giant Microsoft has warned its customers that a Chinese-state cyber-espionage group has reportedly attacked Microsoft Exchange Server, an enterprise product built for email communication.
On Tuesday, 2 March, Microsoft warned public about consecutive attacks and blamed it on the Chinese group dubbed ‘Hafnium’.
These attacks have reportedly exploited four major vulnerabilities in Microsoft Exchange Server 2013, 2016, and 2019.
Microsoft INC has informed that ‘Hafnium’ is seeking to steal information from several US-based organisations, including “infectious disease researchers, law firms, higher education institutions, defense contractors, policy think tanks, and NGOs”.
Here’s everything you need to know about the attack.
Microsoft has alleged that the Chinese state-sponsored company Hafnium found security vulnerabilities and broke into Exchange email servers on 6 January,
According to cyber security firm Volexity, the major concern is one of the vulnerabilities which made it easy for Chinese hackers to attack servers without authentication of any kind. “The attacker only needs to know the server running Exchange and the account from which they want to extract e-mail,” Volexity wrote in a blog post.
After gaining access to the server, hackers planted malware into Microsoft’s server. This allowed them to steal data from Microsoft that compromised Exchange 2013 and its later edition servers. “All they needed to know were the details of Exchange server and of the account they wanted to pillage its emails,” Volexity said.
Were Microsoft Servers Attacked Multiple Times?
Microsoft has not confirmed the number of successful attacks yet. However, the company has described the number as “limited".
How Can You Stay Safe?
In order to avoid any potential attack, Microsoft has asked its users to update the latest security patch. Users should also update Microsoft Defender – the company's free antivirus, which can detect any malware tools from Chinese hackers.
“Even though we’ve worked quickly to deploy an update for the Hafnium exploits, we know that many nation-state actors and criminal groups will move quickly to take advantage of any unpatched systems", Microsoft said.
Chinese Government Responds
The Chinese Embassy has denied the allegations made by Microsoft and has called the accusations baseless. "We hope that relevant media and company will adopt a professional and responsible attitude and underscore the importance to have enough evidence when identifying cyber-related incidents, rather than make groundless accusations,” said Chinese Embassy Spokesperson Wang Wenbin.
"China has reiterated on multiple occasions that given the virtual nature of cyberspace and the fact that there are all kinds of online actors who are difficult to trace, tracing the source of cyber attacks is a complex technical issue," Wang added.
(The Quint is available on Telegram. For handpicked stories every day, subscribe to us on Telegram)
Subscribe To Our Daily Newsletter And Get News Delivered Straight To Your Inbox.