Microsoft has blamed the Chinese government for a cyber security incident that resulted in tens of thousands of compromised e-mail servers round the world.
A sophisticated attack discovered last week on Microsoft’s e-mail system, Microsoft Exchange, is reportedly escalating into a global cyber security disaster, as hackers race to infect as many users as possible.
The Microsoft Exchange account is a work or school e-mail account, which runs on the Windows Server operating system.
The incident, which had affected over 60 000 users across the globe by the weekend, mainly US-based small and medium businesses, banks and energy suppliers, was identified by the Microsoft Threat Intelligence Centre as a Chinese state-sponsored threat actor, called Hafnium.
According to the tech giant, Hafnium, which operates from China, is a highly-skilled and sophisticated actor, which primarily targets entities in the US for the purpose of exfiltrating information from a number of industry sectors, including infectious disease researchers, law firms, higher education institutions, defence contractors, policy think tanks and NGOs.
Microsoft has since released security updates which it says will protect customers running Exchange Server. However, it notes that even though it has worked quickly to deploy an update for the Hafnium exploits, many nation-state actors and criminal groups are also expected to move quickly to take advantage of any unpatched systems.
“We strongly encourage all Exchange Server customers to apply these updates immediately,” said Tom Burt, Microsoft corporate VP of customer security and trust.
“Exchange Server is primarily used by business customers, and we have no evidence that Hafnium’s activities targeted individual consumers, or that these exploits impact other Microsoft products. Promptly applying today’s patches is the best protection against this attack.”
The US government’s cyber security agency issued an emergency warning last week, urging state institutions to urgently patch their systems.