- Tens of thousands of small and medium-sized businesses affected by cyberattack on Microsoft Exchange
- Few compromised companies are likely to be directly attacked, but the breach does potentially create vulnerabilities
- Microsoft provides guidance and a software patch to remedy the issue
Businesses are being urged to review their software for a potential breach after a wide-ranging cyberattack directed at Microsoft Exchange, a popular business e-mail and calendar service.
There are at least 60,000 known victims of the cyberattack, including many small and medium-sized businesses. Exchange is also popular with state and local governments and some military contractors.
The hackers are apparently pushing to infect as many servers as possible before the systems can be secured, including the use of automated software to find and hack any vulnerable servers. Once a Microsoft Exchange server is breached, a hacker can access and read e-mails as well as install software.
The attack seems to be indiscriminate, with few of the targeted servers likely to be actively exploited by hackers. However, the breach could allow hackers to monitor breached servers and take actions such as stealing data or installing ransomware in the future if the issue is not remedied.
Microsoft blamed the attack on Hafnium, a hacking group backed by the Chinese government. The company also released technical details on the attack, provided a patch to fix the vulnerabilities, and provided information on how to determine if your server has been compromised.
The incident comes just months after another large-scale cyberattack, when suspected Russian hackers tampered with updates from the IT management software company SolarWinds. Nine federal agencies and approximately 100 companies were breached as a result.