Updated March 10th, 2021 at 19:26 IST

Microsoft Exchange servers hacked by Chinese hacker group called Hafnium, claims company

Microsoft, one of the biggest tech firms in the world, is under attack by hackers. Chinese hackers have been targeting Microsoft Exchange servers.

Reported by: Sakshat Kolhatkar

Tech giant Microsoft has been in the news ever since it released a blog post saying that its Microsoft Exchange servers have been hacked by a Chinese hacker group that Microsoft calls Hafnium. The Microsoft Exchange hack has caused massive data breaches at many major corporations, and some companies are even losing money because of the large scale of these hacks. Read on to know more about the China cyberattack on Microsoft.

Microsoft Cyber Attack - Chinese Hacker Group Targets Microsoft

The Microsoft Exchange hack is a giant attack against Microsoft's Exchange servers originating from China, as claimed by Microsoft in its official blog post. The hackers are using zero-day exploits against vulnerabilities in Microsoft servers. Microsoft has announced on its blog that hundreds of thousands have been attacked and the data of millions of people has been breached. Microsoft believes that Chinese state powers are behind the hack, as no single organisation could have the resources to hack the servers on such a large scale. Microsoft is actively working on fixing these vulnerabilities. An excerpt from the Microsoft blog post follows.

Excerpt From The Microsoft Blog

"Today, we’re sharing information about a state-sponsored threat actor identified by the Microsoft Threat Intelligence Center (MSTIC) that we are calling Hafnium. Hafnium operates from China, and this is the first time we’re discussing its activity. It is a highly skilled and sophisticated actor.

Historically, Hafnium primarily targets entities in the United States for the purpose of exfiltrating information from a number of industry sectors, including infectious disease researchers, law firms, higher education institutions, defence contractors, policy think tanks and NGOs. While Hafnium is based in China, it conducts its operations primarily from leased virtual private servers (VPS) in the United States."

The hackers use these zero-day exploits to gain access to Microsoft servers using untrustworthy URLs. They then deploy a form of malware onto the server that ends up infecting other connected servers. Chinese hackers have used this technique to hack thousands of Microsoft servers. The deployed malware also steals all the data on the servers, including sensitive information of millions of customers which is saved on the Microsoft servers. The malware also places untraceable backdoors on these servers so the hackers can regain access at any time, even after they have been booted off the servers once. The way this malware infects other servers makes it especially dangerous, because it infects exponentially more servers the more it spreads.

Microsoft has revealed that these attacks can render the servers unusable, which can end up causing a lot of financial damage to large corporations that depend on Microsoft Exchange servers for their data storage and processing needs. Microsoft's Exchange servers store data like emails, calendars and Outlook data, which is basically highly sensitive corporate information. Once hackers get access to this information, millions of people's accounts become vulnerable. As per a report on Bloomberg, as many as 60,000 servers may already be hacked in the United States alone. Stay tuned for more news on the Microsoft hack and tech.


Published March 10th, 2021 at 19:26 IST