cyberpeace logo white
DONATE
JOIN US


CyberPeace Foundation is an organization working to create and uphold cyber peace and harmony throughout the globe. It continuously strives towards spreading cyber hygiene and cyber ethics.

The primary initiatives undertaken by us are:
CyberPeace Corps
Cyber Bridge
Charity Bounty
e-Raksha
e-Kawach

It has been found that cybercrimes and threats to women online are rising by the day, so that they are the prime targets of some sensitive crimes like revenge pornography and sextortion. For more details please visit digitalshakti.org

It has been found that cybercrimes and threats to women online are rising by the day, so that they are the prime targets of some sensitive crimes like revenge pornography and sextortion. Reasons causing this are not only economical, but also social and cultural, that prevent women from using the internet and issues like trolling that pop up when one uses it too often. With the development of a more advanced and digital age , it is of paramount importance to break this gender divide and create awareness among internet users, to help curb the threats and problems associated with the internet and its usage, and also pave a path to reap the benefits of these great technological advancements.

SUPPORT US TODAY! : Fundraising for the local community causes World Help received.

We are here to help you at any time all over the world so don’t hesitate to reach us at any moment.

Get in Touch

Locations

India

USA

Africa

+91 82350 58865
secretariat@cyberpeace.net

#incident_report: The Microsoft Exchange Hack

Dec 14, 2021

A blog post by the corporate vice president of Microsoft revealed that Microsoft’s popular email exchange software Microsoft Exchange, which is used by many private and governmental organizations and departments, has been affected by an alleged state-sponsored cyber attack from China. The present blog will take one through the whole incident and what exactly happened.

What is Microsoft Exchange?

Microsoft Exchange is a service developed by Microsoft for Businesses, Enterprises and Academic Institutions to manage all of their Emails, Calendars etc. Microsoft Outlook is one interface of this service where one can access the client end of this service. It’s a very scalable solution for organisations and institutions as one can manage and configure all of the clients in one place. It also offers other services like Meeting scheduling, contacts, calendaring, and task management as well.

What Exactly Happened?

The issue was first identified when a private organisation, which was involved in the business of Network Security monitoring, identified large amounts of data flowing to IP addresses belonging to illegitimate users. On further examination, the organisation found that that this was a hack was exploiting the vulnerabilities of Microsoft exchange servers and then stealing the entire information from the user mailboxes.

Then the reports and official statement by Microsoft revealed that an alleged state-sponsored attack on the zero-day vulnerabilities of the Microsoft Exchange services, by an actor located in China known as Hafnium, has affected the customers of Microsoft Worldwide. The attack begins by accessing the Exchange Server which is present in the premises of the organisation by either using stolen passwords or previously undiscovered vulnerabilities. Then these actors establish a connection to control the server remotely, while also creating a web shell where anyone on the internet can access and collect the data, and then use this remote access to steal data from the organisation.

The extent of the attack

As mentioned before, the attack has affected people, organisations and institutions worldwide. Microsoft, themselves has reported that Organisation which was running on-premises versions of Microsoft Exchange Server 2013, 2016, and 2019 were affected. According to an article by Wall street journal, as many as 250,000 customers of Microsoft could be at risk and almost 30,000 American Businesses have been affected by this incident. Another report by Bloomberg claims that almost 60,000 victims have been identified around the world. Several governmental Institutions like the regulatory agency of the European Union, the European Banking Authority and the Norwegian Parliament have been affected by these incidents as well. Even several Indian Organisations belonging to the Banking / Finance Sector, Government/military sector, manufacturing sector and legal/insurance sector have been affected by the attack as well. However, the United States has been affected significantly more than other countries by this hack.

The response to this incident

Microsoft released its security patches on 2nd March 2021 to all of their Microsoft Exchange versions. The platform further clarified that this incident is only limited to business users and has not affected the individual customers of Microsoft in any way.

Furthermore, with regard to regard to the investigation of the matter, Microsoft released the following statement

“We are working closely with the CISA [the Cybersecurity and Infrastructure Security Agency], other government agencies, and security companies to ensure we are providing the best possible guidance and mitigation for our customers,”

And with regard to the steps to be taken by the parties who have been at risk, the following was said

“The best protection is to apply updates as soon as possible across all impacted systems. We continue to help customers by providing additional investigation and mitigation guidance. Impacted customers should contact our support teams for additional help and resources.”