The alarm about the ongoing hack of Microsoft Exchange Server, which started as early as January, appears quite motivated. Microsoft believes that a state-sponsored Chinese group called Hafnium orchestrated the attack, which exploited flaws in Exchange software to gain access to email accounts and install unauthorized software and gain full control over affected systems.
Hafnium primarily targets units in the United States across a number of industrial sectors, including infectious disease researchers, law firms, higher education institutions, defense contractors, political think tanks, and NGOs, according to Microsoft. ALL organizations "across" ALL sectors "to follow their guidelines for addressing the vulnerabilities of e-mail software.
The number of affected U.S.-based organizations is estimated at at least 30,000 , while worldwide it is close to 100,000. Vulnerability can be exploited to compromise networks, steal information, encrypt data for redemption, or even carry out a destructive attack.CISA advises business leaders in all organizations to ask IT staff to immediately address this incident or get third-party IT support.
A Hafnium attack should trigger all cyber insurance that an organization has in place, according to Lockton, an insurance broker.Lockton recommends that organizations only contact their insurance company if they discover that the vulnerabilities exploited exist in the system, and if an attack is ongoing, it should be reported immediately to cyber insurance companies.