Microsoft Cyberattack Continues Growing in Severity, Victims Racking Up

Microsoft had almost two months to push out the patch it shipped on Mar. 2.

Edward Gately, Senior News Editor

March 9, 2021

6 Slides
Cyber attack
Shutterstock

There are now at least 60,000 known victims of the massive Microsoft cyberattack on the company’s on-premises Exchange business email software globally.

That’s according to the latest Bloomberg report. The Microsoft cyberattack allowed access to email accounts and installation of malware to increase hackers’ dwell time inside a system.

Microsoft attributes the attack to HAFNIUM, a group considered to be state-sponsored and operating out of China.

In addition, malicious hackers compromised the European Banking Authority’s email servers in the attack.

Saryu Nayyar is CEO of Gurucul.

Nayyar-Saryu_Gurucul.jpg

Gurucul’s Saryu Nayyar

“With organizations migrating to Microsoft Office 365 en masse over the last few years, it’s easy to forget that on-premises Exchange servers are still in service,” she said. “Some organizations, notably in government, can’t migrate their applications to the cloud due to policy or regulation, which means we will see on-premises servers for some time to come.”

These zero-day vulnerabilities were first detected as early as Feb. 27. That’s according to the team at Huntress, which was first to report it via an MSP partner. The team is seeing organizations of all shapes and sizes affected.

According to Krebs on Security, Microsoft had almost two months to push out the patch it shipped on Mar. 2, or else help Exchange customers mitigate the threat from this flaw before attackers “started exploiting it indiscriminately.”

Scroll through our slideshow above for more coverage of this still-active and growing cyberattack.

Read more about:

VARs/SIs

About the Author

Edward Gately

Senior News Editor, Channel Futures

As senior news editor, Edward Gately covers cybersecurity, new channel programs and program changes, M&A and other IT channel trends. Prior to Informa, he spent 26 years as a newspaper journalist in Texas, Louisiana and Arizona.

Free Newsletters for the Channel
Register for Your Free Newsletter Now

You May Also Like