What you need to know
- U.S. government agencies have suffered from vulnerabilities in Microsoft Exchange Server.
- The attackers appear to be state-sponsored Chinese hackers.
- CISA is instructing the use of Microsoft tools to secure infrastructure.
U.S. government agencies with on-site variants of Microsoft Exchange Server have been instructed by the Cybersecurity and Infrastructure Security Agency (CISA) to use Microsoft patches and anti-malware tools to suss out any threats. All affected agencies are instructed to implement security hardening changes by June 28, 2021. The specific changes CISA is demanding can be read here.
This need for heightened security comes as a result of state-sponsored Chinese hackers taking advantage of security flaws to steal Exchange Server data. Microsoft (opens in new tab) has a blog post detailing some specifics of the hacker organization, which has been dubbed Hafnium. According to the post, though Hafnium is based in China, the group's members lease and use virtual private servers (VPS) in the U.S.
Microsoft has another post (opens in new tab) detailing specifics of Hafnium's activities, as well as the company's efforts to stop them. That post goes into greater technical detail for anyone curious about the ins and outs of the cyber warfare currently being waged.
CISA is not happy about branches of the U.S. government being vulnerable to Hafnium. In CISA's own words, "... this exploitation of Microsoft Exchange on-premises products poses an unacceptable risk to Federal Civilian Executive Branch agencies." It's no secret that the U.S. government has many enemies and way more threats than just a group of state-sponsored Chinese hackers to worry about, so the severity of potential vulnerabilities cannot be understated.
Microsoft claims that 92% of worldwide Exchange IPs have been patched or mitigated. Time will tell if the vulnerable percentages that remain end up being the only ones that matter.
Windows Central Newsletter
Get the best of Windows Central in in your inbox, every day!
Robert Carnevale is the News Editor for Windows Central. He's a big fan of Kinect (it lives on in his heart), Sonic the Hedgehog, and the legendary intersection of those two titans, Sonic Free Riders. He is the author of Cold War 2395. Have a useful tip? Send it to firstname.lastname@example.org.
Thank you for signing up to Windows Central. You will receive a verification email shortly.
There was a problem. Please refresh the page and try again.