11 Mar Here’s what we know so far about the massive Microsoft Exchange hack
The breach is believed to have targeted hundreds of thousands of Exchange users around the world. Microsoft (The hack is mainly a concern for business and government customers that use Microsoft’s Exchange Server product. Microsoft said it has “no evidence that Hafnium’s activities targeted individual consumers or that these exploits impact other Microsoft products.” It has said the cloud-based Exchange Online and Microsoft 365 products were not affected. The types of victims so far identified by Microsoft and US government agencies include state and local governments, policy think tanks, academic institutions, infectious disease researchers and businesses such as law firms and defense contractors. Cybersecurity firm FireEye also White House press secretary Jen Psaki and national security adviser Jake Sullivan also urged IT administrators nationwide to install the software fixes immediately. The CISA last week warned that if not addressed, the malicious activity could “enable an attacker to gain control of an entire enterprise network.” Biden administration is expected to form a task force involving multiple agencies — including the National Security Council, FBI, CISA and others — to address the hack.”This has the potential to simultaneously affect organizations that are critical to everyday life in the US,” a source familiar with the US government investigation into the attack told CNN.