Up to a quarter of a million users may have fallen victim to the recent cyber attack on Exchange Microsoft Corp email, writes The Wall Street Journal on Saturday. The company suspects that it is the work of Chinese hackers.
Through Microsoft, the attack affected tens of thousands of companies, government offices and schools in the United States. While many of them did not provide hackers with intelligence information, in some cases this may have happened, the New York daily notes.
According to US media reports, hackers use flaws in Microsoft Exchange software to hack e-mail accounts, read messages without authorization, and install unauthorized software.
So-called errors Zero-Day exploits are malware that attacks software weaknesses before they are even discovered and removed. They are called Zero Day (zero days) because there is not enough time to find them and protect the system. According to the US media, carrying out an attack in this way suggests a high degree of sophistication by hackers.
"It was done in a really stealthy way so as not to raise any alarm," said Steven Adair, founder of cybersecurity company Volexity Inc. one of the companies to which Microsoft assigned the problem report.
Last Tuesday, Microsoft announced the attack and identified the culprits as a Chinese cyberespionage group, the so-called Hafnium. The American company provided users with a correction program to eliminate the problem.
The incident sparked widespread concern in the administration of US President Joe Biden, according to a New York City business daily. The Cybersecurity and Infrastructure Agency (CISA) last week issued an emergency directive requiring federal government agencies to immediately repair or disconnect products from Microsoft Exchange.
"CISA held a phone call on Friday with more than 4,000 critical infrastructure partners in the private sector as well as state and local governments, urging them to patch their systems," WSJ said.
He also cites an excerpt from White House press secretary Jen Psaki, who noted that Microsoft's vulnerabilities were of serious concern, "could have far-reaching consequences" and involve "large numbers of victims."