fbpx
Blog

JensenIT Blog

JensenIT has been serving the Illinois area since 1991, providing IT Support such as technical helpdesk support, computer support and consulting to small and medium-sized businesses.

HAFNIUM Attacks Target Most Microsoft Exchange Servers

HAFNIUM Attacks Target Most Microsoft Exchange Servers

The recent discovery of four flaws in Microsoft’s Exchange Server software came too late to prevent a rash of stolen emails, but that doesn’t mean you need to remain vulnerable to this attack. Let’s go over the story so far, and how you can help protect your business.

HAFNIUM, and Their Actions

Back on January 5th, 2021, a security researcher at security testing firm DEVCORE operating under the nom de plume “Orange Tsai” reported a few issues that were discovered in Exchange Server. The same issues were reported on January 27th by the Danish firm Dubex, and on February 2nd by a firm called Volexity. All these reports alluded to what proved to be the actions of a hacking group in China that goes by “HAFNIUM.” HAFNIUM’s hacking efforts have been directed toward the email platforms used in many different organizations’ systems—including organizations classified as infectious disease researchers, defense contractors, institutions of higher education, law firms, think tanks, and civil societies/non-government organizations.

In total, it seems apparent that hundreds of thousands of organizations making use of Microsoft Exchange have been swept up in the attack, breached by HAFNIUM with backdoors left open for the hacking group’s convenience later on.

These breaches were originally directed against exclusively high-value targets, but have swiftly become far less discerning in who may be affected, with all encountered servers now taken over by the automated attacks. While these attacks have left the cloud-hosted Exchange servers untouched, a lot of the victims were using both on-site and cloud-hosted in tandem.

A patch was released on March 2nd that only protects against infiltration, leaving those who had already been infected to fend for themselves.

This is Now A Global Cybersecurity Crisis

With the patch in play, it is now a race between hackers and organizations to see who acts first—with either HAFNIUM infecting a target or that target patching their systems against them.

Too many have already lost to HAFNIUM, at this point.

Even worse, these patches won’t do anything to resolve an existing breach, necessitating a comprehensive network analysis to eliminate any sign of infection. With this event constituting a zero-day threat against all self-hosted instances of Outlook Web Access that had not been patched within that span of a few days, these activities need to be prioritized within every business if only to be certain.

We’re here to help. As a managed service provider, part of our job is to help our clients identify and eliminate any risk factors and threats that issues within their technology may pose. Learn more about our services by calling (847) 803-0044 today.

How Your Business’ IT Future Has Changed in the Pa...
Making Sense of Bitcoin
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Guest
Thursday, November 14, 2024

Captcha Image

Customer Login


Latest Blog

A compressed file (also known as a zip file) is a handy way to accomplish various tasks, although many people may not know what they are or do. We want to fix that, so we’re going over what a compressed file is and how to make one.

Contact Us

Learn more about what JensenIT can do for your business.

JensenIT
1689 Elk Blvd
Des Plaines, Illinois 60016

Sign up for our Newsletter!

Hey! Before you go, subscribe to our newsletter for IT tech tips and advice!