2021 Microsoft Exchange Server data breach

Date:
  • 5 January 2021 (exploit first reported)[1]
  • 6 January 2021 (first breach observed)[1][2]
  • 2 March 2021 (breach acknowledged)[3]
Location: Global
Type: Cyberattack, data breach
Cause: Microsoft Exchange Server zero-day vulnerabilities[4]
First reporter: Microsoft (public disclosure)[3]
Suspects: Hafnium,[5][6] and at least nine others.[7]

A global wave of cyberattacks and data breaches began in January 2021 after four zero-day exploits were discovered in on-premises Microsoft Exchange Servers, giving attackers full access to user emails and passwords on affected servers, administrator privileges on the server, and access to connected devices on the same network. Attackers typically install a backdoor that preserves full access to an impacted server even if the server is later updated so that it is no longer vulnerable to the original exploits. As of 9 March 2021, it was estimated that 250,000 servers fell victim to the attacks, including servers belonging to around 30,000 organizations in the United States, 7,000 servers in the United Kingdom,[8] as well as the European Banking Authority, the Norwegian Parliament, and Chile's Commission for the Financial Market (CMF).[9][10][11][12][13][14]

On 2 March 2021, Microsoft released updates for Microsoft Exchange Server 2010, 2013, 2016 and 2019 to patch the vulnerabilities; installing them does not retroactively undo damage or remove any backdoors installed by attackers. Small and medium businesses, local institutions, and local governments are known to be the primary victims of the attack, as they often have smaller budgets to secure against cyber threats and typically outsource IT services to local providers that do not have the expertise to deal with cyber attacks.[15]

On 12 March 2021, Microsoft announced the discovery of "a new family of ransomware" being deployed to servers that had initially been infected, encrypting all files, making the server inoperable and demanding payment to reverse the damage.[16] On 22 March 2021, Microsoft announced that on 92% of Exchange servers the exploit had been either patched or mitigated.[17]

  1. ^ a b Cite error: The named reference Krebs was invoked but never defined (see the help page).
  2. ^ Cite error: The named reference Greenberg-Wired was invoked but never defined (see the help page).
  3. ^ a b Cite error: The named reference Microsoft-CVE was invoked but never defined (see the help page).
  4. ^ Cite error: The named reference :3 was invoked but never defined (see the help page).
  5. ^ Cite error: The named reference BBC was invoked but never defined (see the help page).
  6. ^ Cite error: The named reference Microsoft-HAFNIUM was invoked but never defined (see the help page).
  7. ^ Cite error: The named reference :10 was invoked but never defined (see the help page).
  8. ^ "Microsoft hack: 3,000 UK email servers remain unsecured". BBC News. 12 March 2021. Retrieved 12 March 2021.
  9. ^ Murphy, Hannah (9 March 2021). "Microsoft hack escalates as criminal groups rush to exploit flaws". Financial Times. Retrieved 10 March 2021.
  10. ^ O'Donnell, John (8 March 2021). "European banking regulator EBA targeted in Microsoft hacking". Reuters. Retrieved 10 March 2021.
  11. ^ Duffy, Clare (10 March 2021). "Here's what we know so far about the massive Microsoft Exchange hack". CNN. Retrieved 10 March 2021.
  12. ^ "Chile's bank regulator shares IOCs after Microsoft Exchange hack". BleepingComputer. Retrieved 17 March 2021.
  13. ^ "Comisión para el Mercado Financiero sufrió vulneración de ciberseguridad: no se conoce su alcance". BioBioChile - La Red de Prensa Más Grande de Chile (in Spanish). 14 March 2021. Retrieved 17 March 2021.
  14. ^ V, Vicente Vera. "CMF desestima "hasta ahora" el secuestro de datos tras sufrir ciberataque". Diario Financiero (in Spanish). Retrieved 17 March 2021.
  15. ^ "America's small businesses face the brunt of China's Exchange server hacks". TechCrunch. 10 March 2021. Archived from the original on 17 March 2021. Retrieved 12 March 2021.
  16. ^ Cite error: The named reference :8 was invoked but never defined (see the help page).
  17. ^ "Microsoft: 92% of vulnerable Exchange servers are now patched, mitigated". www.msn.com. Retrieved 29 March 2021.

From Wikipedia, the free encyclopedia