AmericaMore than 30,000 government, commercial and corporate organizations have been hacked through the Microsoft Exchange server vulnerability.
According to the security firm’s report KrebsOnSecurity, server vulnerabilities Exchange It has been patched, but the consequences will be difficult to fix due to the popularity of this email system. Currently, the Exchange email server is being deployed from state and municipal governments, fire department, police, financial institutions … of the USA.
The Exchange server vulnerability severely affected tens of thousands of US government companies and organizations.
Before, Cabling It also reported that “tens of thousands of email servers” were attacked due to Exchange server vulnerabilities. Microsoft The vulnerability allows hackers to compromise email accounts and install malicious code in order to access them later. American software companies too doubt Hafnium, a group of hackers based in China, is the culprit.
According to analysis of KrebsOnSecurityThe attack took place on January 6, the day of the Capital Hill riots, but increased dramatically in frequency in late February. The vulnerabilities were only fixed by Microsoft on March 2, meaning the hackers had almost two months to carry out the hacking. operations.
Hackers targeted Microsoft’s Exchange email server systems through zero-day vulnerabilities, including CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065. “If your system is running Exchange and it has not been patched, it is very likely that the system has been compromised,” said a representative of Volexity, the cybersecurity company that detected the attack. Volexity also said that individual customers were not the target of this attack.
Following the attack, Jake Sullivan, a White House national security adviser, and Chris Krebs, a former director of the White House Network Security and Infrastructure Agency, took to Twitter to express their concerns. Both called Microsoft’s vulnerabilities “critical” and could cause significant long-term damage.
Currently, a detailed list of companies affected by the vulnerability has not been disclosed. A Microsoft spokesperson said the company “is working closely with US cybersecurity agencies, as well as government organizations and security companies to minimize the consequences,” in addition to advising groups on the need to patch users of the Exchange server ASAP.
Bao Lam (follow, continue The edge)