• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar

Republica Press

Your Business & Political News Source

REPUBLICA PRESS
Your Business & Political News Source

  • Home
  • BUSINESS
  • MONEY
  • POLITICS
  • REAL ESTATE
  • SCIENCE/TECH
  • US
  • WORLD

Warning: ‘Hundreds Of Thousands’ Of Microsoft Servers Hacked In Ongoing Attack

by

The Microsoft Exchange attacks could be a lot worse than initially thought, as reports suggest ‘hundreds of thousands’ servers have now been hacked globally. Here’s how to find out if yours is one of them.

Microsoft corporate logo seen on sign

Microsoft Exchange server exploits have expanded beyond original attackers

 

ASSOCIATED PRESS

Earlier this week, the Microsoft Threat Intelligence Center, Microsoft 365 Defender Threat Intelligence Team and Microsoft 365 Security issued a joint advisory warning that on-premises Exchange servers were being attacked. The nature of that attack, using no less than four zero-day exploits (for previously unreported vulnerabilities) meant that an out-of-band emergency patch had been released. Microsoft, along with the U.S. Department of Homeland Security, advised everyone to update immediately. The DHS even went as far as to issue an emergency directive requiring federal civilian branch agencies to do so in short order.

Initially, Microsoft stated that the attack, attributed to Chinese nation-state threat actors known as HAFNIUM, was “limited and targeted”, but now reports are emerging that hundreds of thousands of servers have been compromised, with talk of an exploit rate in the region of 1,000 servers every hour. This attack has expanded way beyond the reach of those original nation-state players, it would seem, and it is now open season on Microsoft Exchange for cybercriminals.

Investigative cybersecurity journalist, Brian Krebs, has reported that, according to experts who have briefed U.S. national security advisors, hundreds of thousands of servers have been successfully hacked globally. In the U.S. alone, this number is said to be more than 30,000 compromised servers.

 

Given that the attacks are thought to have started on January 6, this might come as no great surprise. However, it would appear that the threat itself has changed gear this week, and there are now multiple campaigns compromising unpatched servers at a rate of knots.

MORE FOR YOU

Writing at Wired, Andy Greenberg quotes a security researcher “with knowledge of the investigation,” saying that there are “thousands of servers compromised per hour” globally. This doesn’t mean that all of those organizations have been targeted by HAFNIUM, but rather these are likely the result of automated scans looking for unpatched machines.

Indeed, Microsoft has confirmed that it “continues to see increased use of these vulnerabilities in attacks targeting unpatched systems by multiple malicious actors beyond HAFNIUM.”

Obviously, the previously stated advice to update those on-premises Exchange servers now remains the best mitigation option. Even White House press secretary Jen Psaki warned, on March 5, that this should be done immediately. Microsoft has published interim mitigations for those unable to patch their Exchange servers here.

But what if your server has already been got at? Indeed, how can you tell?

Microsoft has released a Nmap script for checking your Exchange server for indicators of compromise of these exploits, and you can find it on GitHub. The Cybersecurity and Infrastructure Security Agency (CISA) has also published a list of tactics, techniques and procedures. Meanwhile, FireEye Mandiant researchers have a list of investigation tips, including indicators of compromise, here.

View Source

Filed Under: SCIENCE/TECH Tagged With: Cybersecurity, Enterprise Tech, Innovation, Jen Psaki, National

Primary Sidebar

More to See

The Madison Club’s Latest $27M Mansion: Luxury in La Quinta, CA

The poshest place in California's Coachella Valley is The Madison Club. This exclusive gated community in La Quinta is where A-listers and tycoons … [Read More...] about The Madison Club’s Latest $27M Mansion: Luxury in La Quinta, CA

Quality Wines From The Romagna Region Of Italy

Piazza del Popolo in the evening, Ravenna, Emilia-Romagna, Italy getty Italy has 20 different geographical regions, and Emiglia-Romagna—in the … [Read More...] about Quality Wines From The Romagna Region Of Italy

Investigators of War Crimes in Ukraine Face Formidable Challenges

KOROPY, Ukraine — Four men tugged at long strips of fabric to lift a coffin out of the gaping hole in the backyard of a small house. They flung the … [Read More...] about Investigators of War Crimes in Ukraine Face Formidable Challenges

Copyright © 2022 · Republica Press · Log in · As an Amazon Associate we earn from qualifying purchases.

Terms and Conditions - Privacy Policy