A sophisticated attack on Microsoft’s Exchange Server are now being used in widespread attacks against thousands of organisations with potentially tens of thousands of organisations affected.
The report even coming from the European Banking Authority (EBA) has taken all email systems offline after being hit by a cyber-attack targeting their Microsoft Exchange Servers. The attack, which Microsoft has said started with a Chinese government-backed hacking group, has so far claimed at least 60,000 known victims globally, according a former senior U.S. official with knowledge of the investigation.
The widely used business email software is facing a global cybersecurity crisis, as hackers race to infect as many victims as possible before companies can secure their computer systems.
There are multiple hacking groups across the world exploiting vulnerabilities to backdoor unpatched servers. Microsoft issued emergency patches on Tuesday last week, but they do nothing to disinfect systems that are already compromised.
The EBA don’t have any clue on the personal data through emails held on MS Exchange servers have compromised by the hacker. As a precautionary measure, the EBA has decided to take its email systems offline.
In an update on the evolving situation, Microsoft says: "In the attacks observed, the threat actor used these vulnerabilities to access on-premises Exchange servers which enabled access to email accounts, and allowed installation of additional malware to facilitate long-term access to victim environments."
The bugs are being tracked as CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065. Microsoft, which issued emergency patches for last week, Microsoft has attributed the attack to Hafnium, a state-sponsored hacking group operating out of China.
Microsoft urged Exchange customers, which range from large enterprise to small businesses, to apply the patches immediately because "nation-state actors and criminal groups will move quickly to take advantage of any unpatched systems."
As the cyber crime is growing faster , many are thinking of either going off-line or finding another way out to find the solution like Internet or going back to the traditional mode of operation. Cybersecurity experts that defend the world’s computer systems expressed a growing sense of frustration and exhaustion.
It is the second cybersecurity crisis coming just months after suspected Russian hackers breached nine federal agencies and at least 100 companies through tampered updates from IT management software maker SolarWinds .
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.
