Earlier this month Microsoft released emergency security updates to plug four security holes in Exchange Server versions 2013 to 2019. Microsoft revealed that the Exchange flaws were targeted by an unidentified Chinese group called Hafnium. The group of Chinese hackers was actively targeting Microsoft Exchange servers. The zero-day vulnerabilities they were exploiting allowed them to hit a copious amount of organisations around the world. This included small businesses, towns, cities, and local governments.
In relation to this, Acer, a Taiwanese electronics and computer company was hit by a REvil ransomware attack. The hackers demanded a ransom of $50,000,000 – the largest known ransom to date. It is said that the REvil group targeted a Microsoft Exchange Server on Acer’s domain, giving them access to documents that included financial spreadsheets, bank balances, and bank communications.
Microsoft released a number of patches for multiple different on-premise Microsoft Exchange Servers, including one on Friday 19th of March which affected a lot of servers and caused them to become corrupted. According to some cybersecurity researchers, as many as 10 different hacking groups were actively using the zero-day exploits to target companies in over 114 different countries, because of this over 70,000 servers got affected worldwide.
At Pcwsolutions we were able to patch our servers earlier during the month when we became aware of this. So, none of our customer’s data got stolen or exploited during this time.
We will continue to deliver secure data protection for all our exchange customers in order to reduce any future cybercrimes. Our IT Security section has more information on the extent of how we protect our customers.
Read our last article on Vulnerable Industries in 2021 Due to Cyber Attacks