What is the Hafnium email attack?

By William Smith
Share
The attacker, which Microsoft is calling Hafnium, exploits flaws and stolen passwords to steal data from the networks of targets...

Last week, we detailed how the latest in a series of escalating cyberespionage events has come to light, this time involving a hack on Microsoft’s Exchange email software.

The attacker, which Microsoft is calling Hafnium, exploits flaws and stolen passwords to steal data from the networks of targets - with thousands potentially affected. Microsoft not only said that the attackers were state-sponsored, but explicitly named the culprit: China. This places the attack in the broader context of escalating cyberwarfare between nation states.

The race to fix the exploit

Microsoft’s response was to issue a patch and publicise the information it had collected on the exploit, yesterday releasing data on “malware hashes and known malicious file paths” that had been observed in the attacks.

Microsoft’s Tom Burt - Corporate Vice President, Customer Security & Trust, last week said: "Even though we’ve worked quickly to deploy an update for the Hafnium exploits, we know that many nation-state actors and criminal groups will move quickly to take advantage of any unpatched systems. Promptly applying today’s patches is the best protection against this attack."

White House National Security Advisor Jake Sullivan duly tweeted: “We are closely tracking Microsoft’s emergency patch for previously unknown vulnerabilities in Exchange Server software and reports of potential compromises of U.S. think tanks and defense industrial base entities. We encourage network owners to patch ASAP”.

The cyber cold war heats up

The attack comes not so very long after the last such incident in December of last year, when the likes of the US federal government, Microsoft, SolarWinds and VMware all fell prey to a huge state-sponsored cyber attack. The attack involved a vulnerability in SolarWinds’ Orion platform as well as stolen assessment tools from FireEye, with suspicion ultimately falling on Russia.

Share

Featured Articles

WEF: How AI Will Reshape 86% of Businesses by 2030

A new WEF report predicts that AI and automation will create 170 million jobs while displacing 92 million roles as companies adapt to technological change

Why Apple is Appealing to its Investors over DEI Programmes

Tech giant Apple seeks investor support over NCPPR calls to scrap its DEI programmes, whilst competitors Meta and Amazon seek to reduce their own schemes

How the UK Plans to Become the World’s AI Leader

The UK plans to compete with global AI powerhouses through public-private partnership that will create over 13,000 jobs and transform public services

Why AWS is Committing $5bn to Thailand Cloud Infrastructure

Data & Data Analytics

The Impact of Meta’s New Policies on Social Media Worldwide

Digital Transformation

Google Cloud Names Former Microsoft Exec to Lead EMEA Push

Cloud & Cybersecurity