Over60
Legal

Urgent email warning to Aussies over China hackers

Australians are being urged to check their emails after a major Chinese infiltration of Microsoft's email system has left many exposed.

There are fears that 7,000 servers are impacted by the threat in Australia after the Chinese state-backed hacker group known as HAFNIUM hit more than 30,000 servers in the USA.

The campaign led by the hackers found recently discovered flaws in Microsoft Exchange software and stole emails while infecting computer servers with tools that left hackers to take control of the servers remotely.

Brian Krebs, a cybersecurity expert, has reported on this massive breach.

“At least 30,000 organizations across the United States — including a significant number of small businesses, towns, cities and local governments — have over the past few days been hacked by an unusually aggressive Chinese cyber espionage unit that’s focused on stealing email from victim organisations,” Krebs wrote in the post.

One insider close to the incident explained whose been hit.

“It’s police departments, hospitals, tons of city and state governments and credit unions,” said one source who’s working closely with federal officials on the matter.

“Just about everyone who’s running self-hosted Outlook Web Access and wasn’t patched as of a few days ago got hit with a zero-day attack.”

A zero-day attack is where hackers exploit potentially serious software security that the developer might be unaware of.

The Microsoft Threat Intelligence Center (MSTIC) attributed the attacks with "high confidence" to a "state-sponsored threat actor" based in China which they named Hafnium.

Microsoft is urging network owners to download the security patches available as soon as possible.

It told customers "the best protection" was "to apply updates as soon as possible across all impacted systems".

However, if your Microsoft Exchange servers have already been compromised, the patches are not "full protection against attack". You can find out more information here.

Tags:
technology, microsoft, tech, emails