You are using an older browser version. Please use a supported version for the best MSN experience.

Microsoft accuses China of carrying out hacks on its Exchange email product

Business Insider logo Business Insider 3/3/2021 jgerstein@businessinsider.com (Julie Gerstein)
a sign on the side of a building: Microsoft warned that its email product Exchange had been compromised. SOPA Imagines/Getty Images © Provided by Business Insider Microsoft warned that its email product Exchange had been compromised. SOPA Imagines/Getty Images
  • Microsoft said that its Exchange email product had been compromised by Chinese hackers.
  • The company said it believes the group, which it named "Hafnium," was supported by the Chinese state.
  • Microsoft also released security updates to combat the hacks.
  • Visit the Business section of Insider for more stories.

Microsoft announced Tuesday that its Exchange email product had been hacked, and that it believes China is behind the attack.

Tom Burt, Microsoft's corporate vice president of customer security and trust, wrote in a blog post that the company had identified a "state-sponsored threat actor" it referred to as "Hafnium."

Hafnium, he said, typically uses virtual servers located in the US to infiltrate vulnerable institutions, including infectious-disease researchers, law firms, higher education institutions, and NGOs.

According to Burt, the hacking group took advantage of several security vulnerabilities within the email client to steal data and plant malware, and more alarmingly, to compromise servers running Exchange.


Video: At least 30,000 organizations newly hacked via Microsoft email flaw (CNBC)

UP NEXT
UP NEXT

Once Hafnium made its way inside company servers, it could create a "web shell" to control servers remotely and steal data from company networks.

In addition to the warning, Microsoft also released several security updates designed to combat the hacks, but noted that "even though we've worked quickly to deploy an update for the Hafnium exploits, we know that many nation-state actors and criminal groups will move quickly to take advantage of any unpatched systems."

Burt also noted that Exchange server is "primarily used by business customers" and said that there was "no evidence" that Hafnium was targeting individual consumers or that any other Microsoft products were impacted. He also said that the attack was not believed to be related to prior SolarWinds hacks.

Chinese Foreign Ministry spokesman Wang Wenbin responded to Microsoft's accusations in a Wednesday press briefing, saying there was not enough evidence to draw a conclusion on the Exchange hack's origins, according to Bloomberg.

This is the eighth time in the last 12 months that Microsoft has publicly reported state-sponsored hacks. 

Read the original article on Business Insider
AdChoices
AdChoices
AdChoices

More From Business Insider

Business Insider
Business Insider
image beaconimage beaconimage beacon