Another major cyberattack on America, tens of thousands of email server hacks

Another major cyberattack on America, tens of thousands of email server hacks

According to Krebs on Security, emails from 30,000 US government and business organizations have been hacked due to four vulnerabilities in Microsoft Exchange software. Wired has even published the news that tens of thousands of email servers have been hacked.

Although Microsoft has patched the vulnerability, security experts told Krebson that much work is needed to identify and clean up the process. Thousands of organizations, including state and city governments, fire and police departments, school districts, financial institutions, and others, have been affected.

According to Microsoft, the vulnerability (security vulnerability) allowed hackers to access email accounts and install malware that could later be accessed on those servers. According to Krebs and Wired, the attack was carried out by the Chinese hacking group Hafnium.

Although Microsoft has not commented on the size of the cyber-attack, it has indicated that it is sensitive to vulnerabilities. It is said that a group encouraged by the state was involved in the attack.

According to Krebs on Security, the attack had been going on since January 6 but had intensified towards the end of February. Microsoft released the patch on March 2.

This means that the hacker has been able to conduct his operation for about two months. The chairman of the cybersecurity firm Volexity discovered the cyber attack.

"If you're running an exchange and you don't have a patch yet, your organization is more likely to have already compromised," he told Krebs on.

White House National Security Adviser Jack Sullivan and Director of the Cyber ​​Security and Infrastructure Security Agency Charis Kerbs (not affiliated with Krebs on Security) tweeted about the cyber attack.

There was a solar wind attack on the United States last year. The system of US federal government bodies and companies was compromised.

This time the cyber attack is a reminder of the same incident. However, Microsoft has said that the incident has nothing to do with the current cyber attack.