What is the Hafnium email attack?

By William Smith
The attacker, which Microsoft is calling Hafnium, exploits flaws and stolen passwords to steal data from the networks of targets...

Last week, we detailed how the latest in a series of escalating cyberespionage events has come to light, this time involving a hack on Microsoft’s Exchange email software.

The attacker, which Microsoft is calling Hafnium, exploits flaws and stolen passwords to steal data from the networks of targets - with thousands potentially affected. Microsoft not only said that the attackers were state-sponsored, but explicitly named the culprit: China. This places the attack in the broader context of escalating cyberwarfare between nation states.

The race to fix the exploit

Microsoft’s response was to issue a patch and publicise the information it had collected on the exploit, yesterday releasing data on “malware hashes and known malicious file paths” that had been observed in the attacks.

Microsoft’s Tom Burt - Corporate Vice President, Customer Security & Trust, last week said: "Even though we’ve worked quickly to deploy an update for the Hafnium exploits, we know that many nation-state actors and criminal groups will move quickly to take advantage of any unpatched systems. Promptly applying today’s patches is the best protection against this attack."

White House National Security Advisor Jake Sullivan duly tweeted: “We are closely tracking Microsoft’s emergency patch for previously unknown vulnerabilities in Exchange Server software and reports of potential compromises of U.S. think tanks and defense industrial base entities. We encourage network owners to patch ASAP”.

The cyber cold war heats up

The attack comes not so very long after the last such incident in December of last year, when the likes of the US federal government, Microsoft, SolarWinds and VMware all fell prey to a huge state-sponsored cyber attack. The attack involved a vulnerability in SolarWinds’ Orion platform as well as stolen assessment tools from FireEye, with suspicion ultimately falling on Russia.

Share

Featured Articles

Top 100 Women 2024: Tanja Rueckert, Bosch - No. 6

Technology Magazine’s Top 100 Women in Technology honours Bosch’s Tanja Rueckert at Number 6 for 2024

Tech & AI LIVE London: One Month to Go

Just one month to go until Tech & AI LIVE returns for 2024 with Tech & AI LIVE London on 21 May

OpenText CEO Roundtable: The Future of Safe Enterprise AI

Technology Magazine attends OpenText World Europe 2024 and hears from company CEO and CTO Mark Barrenechea about how OpenText will continue to harness AI

Top 100 Women 2024: Julie Sweet, Accenture - No. 5

Digital Transformation

OpenText AI: Empowering Businesses in Information Management

Digital Transformation

GFT & Google Cloud Gen AI to Power Next-Gen Customer Service

AI & Machine Learning