Scale of Microsoft Exchange email attack worries Washington

Tens of thousands of private and public entities are victims of the Chinese hack that targeted Microsoft’s professional email software. The European banking authority is one of them.

How many businesses, government agencies, cities or NGOs have had information stolen? At a minimum, tens of thousands around the world – between 20,000 and 60,000 according to cybersecurity experts – although it will probably be impossible to know the extent of this new massive cyberattack.
Microsoft warned that its professional Exchange messaging software had been the target of a group of “highly skilled and sophisticated” hackers called “Hafnium”, based in China but operating through virtual private servers leased in the United States.
These hackers have successfully exploited four vulnerabilities in professional email software to steal the content of their victims’ mailboxes and plant tools that allow them to remotely control infected systems. Microsoft fixed the flaws as soon as they were identified and urged customers to make the necessary updates, but the damage was done. Microsoft Exchange is the world’s most widely used business email software.

“Earthquake for confidentiality”

Among the many victims, the European banking authority said Monday that the attackers had been able to gain access to personal data via messages held on its email servers. It is working to find out which data could have been reached and, as a precaution, has deactivated its messaging system. “It’s an earthquake for the privacy of all companies that use Microsoft Exchange, especially since there is no European alternative to Office 365 or GSuite (the office suite of Google, Editor’s note),” says Jacques de La Rivière, CEO of Gatewatcher, a French security software publisher specializing in advanced intrusion detection.
“Publishers like Microsoft have a responsibility to users around the world. There is a real notion of the common good behind the use of this software. These large publishers must commit to putting in technical means to improve their security,” stresses Guillaume Vassault-Hagère, CEO of YesWeHack, a platform for detecting flaws in information systems by ethical hackers.

The White House on alert

The White House admits, via a spokesperson, to being worried about this “active threat, (…) which could have far-reaching repercussions”. Late last year, the United States was already shaken by, named after the software used by hackers – this time linked to the Russian state – to break into the systems of at least 18,000 companies, including several US federal agencies. Forced to rethink its cybersecurity strategy, the new Biden Administration is also working on retaliatory sanctions against Russia.

Itself one of the victims of the SolarWinds attack, Microsoft had indicated in December that hackers had accessed part of its computer source code, without giving further details. According to Microsoft, the Hafnium attacks are not linked to those resulting from the SolarWinds affair. Security experts are, however, wondering about a possible exchange of information between the groups of the two countries.

According to other cybersecurity researchers, the attack by the Chinese hacker group may have been uncovered as a result of research carried out after the SolarWinds affair. “This is the downside of such a large cyber attack carried out by someone else, it increases the chances that yours will be discovered,” as the daily Financial Times sums it up.