Most Microsoft Exchange Servers Targeted by HAFNIUM Attacks
Four flaws in Microsoft Exchange’s Server software was discovered too late and couldn’t prevent stolen emails. Even though this has happened, your business does not have to remain vulnerable to this attack, as we’ll go over how you can keep your business safe. But first, lets recap.
The Actions of HAFNIUM
On January 5th of 2021, “Orange Tsai,” otherwise known as DEVCORE, reported issues that were found in the Exchange Server. These same issues were then also reported on Jan. 27 by Dubex, and on Feb. 2, by Volexity. These reports nodded to what eventually proved to be the Chinese hacking group HAFNIUM. HAFNIUM has had hacking efforts targeted at email platforms used by several organizations, including defense contractors, institutions of higher education, infectious disease researchers, think tanks, law firms, and civil societies/non-government orgs.
Thousands of companies that use Microsoft Exchange have found themselves as part of the attack and were breached by HAFNIUM, and left open for additional attacks later.
It began with high-value targets, but has now shifted to taking over any encountered severs they come across. These attacks have left the cloud-hosted exchange servers untouched, but a lot of victims were using both on-site and cloud-hosted solutions together.
On March 2, a patch was released to protect against infiltration, but did not help those who has already been infected.
A Global Cybersecurity Crisis In The Making
Now, with the patch doing its work, it has become a race between hackers and the patch, Either a server can be infected first, or protected first.
At this point, so much has been lost to HAFNIUM
The patch can only do so much, and cannot do much of anything for already existing breaches. To save your business from a breach, you must get the patch as soon as possible, before your data has been infected. MyTek is here to help. If you are worried about the cyber attacks from HAFNIUM, please give us a call today so we can help assess and eliminate your risk. Call us today at 623-312-2440.