Attempted Data Theft... Chinese Embassy in Washington D.C. Provides No Official Response
MS Releases Emergency Security Update to Prevent Hacking Damage
[Asia Economy Reporter Kim Suhwan] Microsoft (MS), a U.S. software company, revealed that a hacker group supported by the Chinese government infiltrated the email systems of U.S. government agencies and attempted to steal data.
On the 2nd (local time), MS stated on its blog, "The Chinese hacker group HAFNIUM has recently increased hacking attacks targeting U.S. institutions," adding, "They exploited vulnerabilities in our email server program, Exchange Server, to implant malicious software and attempt data theft." MS did not disclose the specific scale of the hacking or whether actual damage occurred.
MS also reported that it informed U.S. government agencies about the vulnerabilities and hacking attempts it detected.
HAFNIUM is known as a hacking group supported by the Chinese government that has conducted cyberattacks against companies, higher education institutions, and defense contractors within the U.S. MS stated, "HAFNIUM is a highly professional hacking group that has exploited previously unknown server vulnerabilities," and added, "We have released emergency security updates to prevent hacking."
The Chinese Embassy in the U.S. has not issued an official response regarding MS's attribution of the hacking to the Chinese government.
Previously, warnings about hacking attacks using MS's email servers had been continuously issued. In January, U.S. cybersecurity firm Volexity revealed that an unidentified foreign hacker group was attempting to hack by exploiting Exchange Server vulnerabilities.
Additionally, Mike McLellan, Head of Information Security at Dell Technologies, stated, "Just before MS's announcement of the hacking detection, on the 28th of last month, we observed a sharp increase in Exchange Server usage." The surge in server usage is interpreted as indicating the possibility of hacking attacks exploiting server vulnerabilities.
McLellan further explained, "Currently, it appears that hackers have not immediately stolen data but remained in the preparation stage to infiltrate the system internally to steal various confidential information," adding, "No traces of deep system infiltration have been found yet."
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.
