Hafnium, a Chinese-based hacker group has doubled its hack count of Microsoft’s Exchange Servers. It is estimated that the group breached nearly 60,000 Servers globally, primarily targeting organisations and their emails. According to the BBC, the European Banking Authority has admitted to being one of the victims. Microsoft was allegedly aware of the vulnerabilities in early January. A report from MIT reports, however, that Hafnium may not be the only threat. In fact, a cybersecurity analyst pointed out that at least five hacking groups had exploited the Exchange Server vulnerabilities last week. The hack has been highlighted as an “active threat” by the White House press secretary Jen Paski. Additionally, Jake Sullivan, the White House National Security adviser has issued a warning about the level of impact this threat has.
No timeline has been released regarding patches and fixes, however in a statement Microsoft said: “We are working closely with the CISA, other government agencies, and security companies, to ensure we are providing the best possible guidance and mitigation for our customers. The best protection is to apply updates as soon as possible across all impacted systems. We continue to help customers by providing additional investigation and mitigation guidance. Impacted customers should contact our support teams for additional help and resources.”
