The European Banking Authority, EBA, was one of the largest to be affected when Microsoft Exchange, Microsoft’s main web-based email server, was attacked by hackers in early March.
The EBA program works to see if and in which case the type of data someone might have read, says an EBA representative.
The attacks on Microsoft’s mail servers come on the heels of the so-called Solarwind, a Russia-related attack that affected several US government systems in December of last year.
President Joe Biden and his administration are now under pressure in some form of response to the growing number of cyber threats against the United States. It could be classic espionage or an attempt to break into potential hacker systems to prevent and stop new attacks. The last alternative was something the United States implemented prior to the 2018 midterm elections. As of now, it is not clear exactly what any measures or counterattacks might look like, although a counterattack against Russia has been reported.
It’s just an excuse to look tough without doing anything, says an anonymous cybersecurity veteran of the plans.
Referred to as China
Microsoft has cited Chinese hacker group Hafnium as guilty of the current attack on the Exchange server. Those who carried out the attack were able to partially bypass the passwords, partially exploit a vulnerability in the Exchange server and gain access to the system by pretending to be someone else. Since then, hackers have managed to control the servers remotely and have managed to steal data.
Those who attack are state-supported and have their operations in China, says a Microsoft representative.
There are more organizations and companies affected by the attack than Microsoft initially thought, and there is information up to 60,000 attacks on everything from small hotels and ice cream parlors to manufacturers of large kitchen and dormitory equipment, all of which use e-mail services.
One of the reasons for the high number is believed to be that many groups of hackers took the opportunity to exploit vulnerabilities that could have been modified in the patch.
Everyone who uses these email servers in authorities, businesses or universities needs to update them as soon as possible, says White House press secretary Jan Psaki.