Sitemap
CodeX

Everything connected with Tech & Code. Follow to join our 1M+ monthly readers

Follow publication

Member-only story

CODEX

Microsoft Customers Were Secretly Under Attack For Two Months

Reports of another hidden cyber espionage campaign illustrate the power imbalance between technology titans and their customers

5 min readMar 7, 2021

--

Defending systems is hard when you don’t know you’re under attack. (Andreas Steidlinger/Scopio)

Tens of thousands of small businesses and other organizations have just found out that sophisticated state-sponsored attackers are actively exploiting vulnerabilities in their email systems running Microsoft Exchange Server software. Because of the company’s position of privilege in the technology industry, it is unlikely to suffer any serious consequences for willfully and deliberately allowing the victimization of its customers.

According to reporting from KrebsOnSecurity, researchers from the security firm Volexity initially detected the attacks on January 6, 2021. Though the full reporting lineage is not publicly available, indications are that Microsoft has known about the cyber espionage campaign since at least early February, choosing to privately correct software flaws in obscurity rather than inform its customers of the risks they were operating under. On March 2, 2021, Microsoft released a report on its investigation into the threat actor it dubbed “Hafnium” and issued several emergency patches to correct the associated software deficiencies. Volexity President…

--

--

CodeX
CodeX

Published in CodeX

Everything connected with Tech & Code. Follow to join our 1M+ monthly readers

Michael Figueroa
Michael Figueroa

Written by Michael Figueroa

Technology Business Hacker, Product Evangelist, & Cybersecurity Executive linkedin.com/in/michaelfigueroa | @figmic.bsky.social‬

Responses (1)