March 2: Microsoft announces the attack and releases patches. January 3: The date researchers at security firm Volexity believes the vulnerabilities were first exploited. The sequence of events around the Exchange Server attack shows how concern about its consequences has escalated. The Biden Administration, already grappling with the fallout from the massive SolarWinds hack, which became public in December and has been widely, although not officially, attributed to Russian hackers, said it would take" a whole of government response to assess and address the impact." Anne Neuberger, the deputy national security adviser for cybersecurity, leads that effort. Reports circulated last week that the hackers compromised at least 30,000, and likely hundreds of thousands, of unpatched Exchange servers. As a consequence, incident responders are working around the clock responding to this latest threat, which they consider an actual attack on public and government IT infrastructure, unlike the still-ongoing, primarily espionage-oriented SolarWinds hack. Microsoft quickly announced patches for the four previously unknown vulnerabilities in Exchange Server that the malicious actors had exploited. The company attributed the attacks to a Chinese advanced persistent threat group it calls Hafnium. On March 2, Microsoft revealed a critical cybersecurity offensive launched by a foreign adversary against organizations in the United States.
0 Comments
Leave a Reply. |