America’s small businesses face the brunt of China’s Exchange server hacks – TechCrunch

by Jeremy

As the U.S. reportedly readies for retaliation against Russia for hacking into some of the government’s most sensitive federal networks, the U.S. is facing another old adversary in cyberspace: China.

GettyImages 151047981

Microsoft last week revealed a new hacking group it calls Hafnium, which operates in, and is backed by China. Hafnium used four previously unreported vulnerabilities — or zero-days — to break into at least tens of thousands of organizations running vulnerable Microsoft Exchange email servers and steal email mailboxes and address books.

It’s not clear what Hafnium’s motives are. Some liken the activity to espionage — a nation-state gathering intelligence or industrial secrets from more giant corporations and governments.

But what makes this particular hacking campaign so damaging is not only the ease with which the flaws can be exploited but also how many — and how widespread — the victims are.

Security experts say the hackers automated their attacks by scanning the internet for vulnerable servers, hitting a broad range of targets and industries — law firms and policy think tanks and defense contractors and infectious disease researchers. Schools, religious institutions, and local governments are among the victims running vulnerable Exchange email servers and caught up by the Hafnium attacks.

While Microsoft has published patches, the U.S. federal cybersecurity advisory agency CISA said the patches only fix the vulnerabilities — and won’t close any backdoors left behind by the hackers.

There is little doubt that more significant, well-resourced organizations have a better shot at investigating if their systems were compromised, allowing those victims to prevent further infections, like destructive malware or ransomware.

Related Posts

Leave a Comment