Tech Edition

The Future is Tech – Think of one of the biggest companies you could target as a hacker… Microsoft comes to mind, right? Well, the US has expressed great concern following a hack on Microsoft’s Exchange email software with the company blaming China.

This is an active threat,” White House press secretary Jen Psaki said on Friday. “Everyone running these servers – government, private sector, academia – needs to act now to patch them.”

Microsoft said hackers had used its mail server to attack their targets and it is reported that tens of thousands of US organisations may be impacted. As politics goes, the US has long accused the Chinese government of cyber-espionage, something they of course deny vehemently. Ms Psaki told reporters that the White House was “concerned that there are a large number of victims” and said the vulnerabilities found in Microsoft’s servers “could have far reaching impacts”.

The US National Security Council said it was “essential that any organisation with a vulnerable server take immediate measures” to determine whether they had been targeted.

The Microsoft Threat Intelligence Center (MSTIC) attributed the attacks with “high confidence” to a “state-sponsored threat actor” based in China which they named Hafnium.

The tech giant said Hafnium had tried to steal information from groups such as infectious disease researchers, law firms, higher education institutions and defence contractors.

A spokesman for the Chinese government told Reuters news agency that the country was definitely not behind the hack. Beijing has repeatedly rejected US accusations of cyber-crime. More than 20,000 organisations have been compromised in the US with many more affected worldwide, Reuters reported. 

News of the breach prompted the US Cybersecurity and Infrastructure Security Agency (Cisa) to release an emergency directive telling agencies and departments to take urgent action. Jake Sullivan, the White House National Security Adviser, has also urged network owners to download the security patches as soon as possible.

Microsoft has not confirmed the reported figures but said in a further statement last week Friday that it was working closely with US government agencies. It told customers “the best protection” was “to apply updates as soon as possible across all impacted systems”.

However, it also said it was deploying some mitigation techniques designed to help those who are unable to upgrade quickly, but warned they were not “a remediation if your Exchange servers have already been compromised, nor are they full protection against attack”.

This is the eighth time in the past 12 months that Microsoft has publicly accused nation-state groups of targeting institutions critical to civil society. Although Hafnium is based in China, it allegedly conducts its operations primarily from leased virtual private servers in the US, Microsoft said. While many US tech firms have had a tumultuous relationship with the Chinese government, Microsoft has maintained a mainland presence since ’92. Unlike Facebook and Twitter, Microsoft’s business-oriented social media platform LinkedIn is still accessible in China. So, too, is its search engine Bing, although locally-run Baidu dominates the search market.

Business Edition Logo

Oh hi there 👋
It’s nice to meet you.

Sign up to receive awesome content in your inbox

We don’t spam! Read our privacy policy for more info.