Earlier this month, Microsoft announced that Chinese hackers were trying to exploit vulnerabilities in its Exchange Server, a mail and calendar service used by corporates and organisations. The breach is now being considered one of the biggest cybersecurity stories in recent times, so big that even the United States' White House has stepped in for damage control. US President Joe Biden's administration has said that the breach can have "far-reaching consequences". Multiple reports have put the number of affected organisations at over 30,000 in the US alone, with several hundred thousand worldwide.

What happened?

On March 2, Microsoft issued a statement, informing its users — and the world at large — that the company had identified a state-sponsored threat actor that it dubbed "Hafnium". The company said there were vulnerabilities in Exchange Server, which Hafnium was exploiting. "Hafnium operates from China, and this is the first time we’re discussing its activity. It is a highly skilled and sophisticated actor."

Historically, Hafnium primarily targets entities in the US to exfiltrate information from industry sectors such as infectious disease researchers, law firms, higher education institutions, defense contractors, policy think tanks and NGOs, the company said in a blog post. "While Hafnium is based in China, it conducts its operations primarily from leased virtual private servers (VPS) in the United States."

What Microsoft has done so far:

Microsoft has released emergency security patches for the 2010, 2013, 2016 and 2019 versions of the software. Security researcher Brian Krebs reported, on his blog KrebsOnSecurity,…
