Open main menu
Home
Random
Recent changes
Special pages
Community portal
Preferences
About Wikipedia
Disclaimers
Incubator escapee wiki
Search
User menu
Talk
Dark mode
Contributions
Create account
Log in
Editing
Microsoft Exchange Server
(section)
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
===2021=== {{Main|2021 Microsoft Exchange Server data breach}} In 2021, critical [[Zero-day (computing)|zero-day]] exploits were discovered in Microsoft Exchange Server.<ref>{{Cite web|date=2021-03-02|title=HAFNIUM targeting Exchange Servers with 0-day exploits|url=https://www.microsoft.com/security/blog/2021/03/02/hafnium-targeting-exchange-servers/|access-date=2021-03-14|website=Microsoft Security|language=en-US}}</ref> Thousands of organizations have been affected by hackers using these techniques to steal information and install malicious code.<ref>{{Cite news|date=2021-03-11|title=Exchange email hack: Hundreds of UK firms compromised|language=en-GB|work=BBC News|url=https://www.bbc.com/news/technology-56365372|access-date=2021-03-12}}</ref> Microsoft revealed that these vulnerabilities had existed for around 10 years,<ref name=2021hackcnbc/> but were exploited only from January 2021 onwards. The attack affected the email systems of an estimated 250,000 global customers, including state and local governments, policy think tanks, academic institutions, infectious disease researchers and businesses such as law firms and defense contractors.<ref name=2021hackcnn/> In a separate incident, an ongoing [[Brute-force attack|brute-force]] campaign from mid-2019 to the present (July 2021){{Update inline|date=November 2023|reason=2 years later since updated, still says this is ongoing}}, attributed by [[National Cyber Security Centre (United Kingdom)|British]] and American ([[National Security Agency|NSA]], [[Federal Bureau of Investigation|FBI]], [[Cybersecurity and Infrastructure Security Agency|CISA]]) security agencies to the [[GRU (Russian Federation)|GRU]], uses/used publicly known Exchange vulnerabilities, as well as already-obtained account credentials and other methods, to infiltrate networks and steal data.<ref>{{cite web |url=https://www.nsa.gov/news-features/press-room/Article/2677750/nsa-partners-release-cybersecurity-advisory-on-brute-force-global-cyber-campaign/ |title=NSA, Partners Release Cybersecurity Advisory on Brute Force Global Cyber Campaign |website=nsa.gov |publisher=[[National Security Agency]] |access-date=July 2, 2021 |archive-date=July 2, 2021 |archive-url=https://web.archive.org/web/20210702002139/https://www.nsa.gov/news-features/press-room/Article/2677750/nsa-partners-release-cybersecurity-advisory-on-brute-force-global-cyber-campaign/ |url-status=dead }}</ref><ref>{{cite web |url=https://media.defense.gov/2021/Jul/01/2002753896/-1/-1/1/CSA_GRU_GLOBAL_BRUTE_FORCE_CAMPAIGN_UOO158036-21.PDF |title=Russian GRU Conducting Global Brute Force Campaign to Compromise Enterprise and Cloud Environments |website=Defense.gov |publisher=Joint publication form US/UK security agencies |access-date=July 3, 2021}}</ref>
Edit summary
(Briefly describe your changes)
By publishing changes, you agree to the
Terms of Use
, and you irrevocably agree to release your contribution under the
CC BY-SA 4.0 License
and the
GFDL
. You agree that a hyperlink or URL is sufficient attribution under the Creative Commons license.
Cancel
Editing help
(opens in new window)