Thousands of US companies are being targeted by a state-sponsored hacking group that is taking advantage of vulnerabilities discovered in Microsoft’s Exchange Server.
As first reported by Krebs on Security, four different Outlook vulnerabilities were abused in attacks against more than 30,000 organizations across the US. Police and fire departments, rescue units, telecoms providers, banks and utilities are just some of the organizations affected.
Early last week, Microsoft issued a fix to remedy the issue, prompting criminals to work even faster before vulnerable organizations could patch themselves up. According to the report, hackers used the vulnerabilities to install tools that would give them total control over the target devices.
According to Krebs on Security, the attacks were the work of the China-based Hafnium group, which Microsoft describes as a syndicate that “targets entities in the United States across a number of industry sectors, including infectious disease researchers, law firms, higher education institutions, defense contractors, policy think tanks, and NGOs.” The Chinese state has denied any involvement.
As per a Reuters report, the US government considers this a live threat and has advised IT professionals to ensure their networks are protected.
“This is an active threat still developing and we urge network operators to take it very seriously,” said a White House official.
The Biden administration is said to be forming a task force to address the threat.