Microsoft has said a state-sponsored hacking group operating out of China is exploiting previously unknown security flaws in its Exchange email services to steal data from business users.

The company said the hacking group, which it has named "Hafnium", is a "highly skilled and sophisticated actor".

Hafnium has in the past targeted US-based companies including infectious disease researchers, law firms, universities, defense contractors, think tanks and NGOs.

In a blog post on Tuesday, Microsoft executive Tom Burt said the company had released updates to fix the security flaws, which apply to on-premises versions of the software rather than cloud-based versions, and urged customers to apply them.

"We know that many nation-state actors and criminal groups will move quickly to take advantage of any unpatched systems," he added.

"Promptly applying today's patches is the best protection against this attack."

Microsoft said the group was based in China but operated through leased virtual private servers in the United States, and that it had briefed the US government.

Beijing has previously hit back at US accusations of state-sponsored cybertheft. Last year it accused Washington of smears following allegations that Chinese hackers were attempting to steal coronavirus research.

In January, US intelligence and law enforcement agencies said Russia was probably behind a massive SolarWinds hack that shook the government and corporate security, contradicting then-president Donald Trump who had suggested China could be to blame.

Microsoft said Tuesday the Hafnium attacks "were in no way connected to the separate SolarWinds-related attacks."

bur-reb/am/axn

MICROSOFT

Related Links
Cyberwar - Internet Security News - Systems and Policy Issues

Tweet

Thanks for being here; We need your help. The SpaceDaily news network continues to grow but revenues have never been harder to maintain. With the rise of Ad Blockers, and Facebook - our traditional revenue sources via quality network advertising continues to decline. And unlike so many other news sites, we don't have a paywall - with those annoying usernames and passwords. Our news coverage takes time and effort to publish 365 days a year. If you find our news sites informative and useful then please consider becoming a regular supporter or for now make a one off contribution.
SpaceDaily Contributor $5 Billed Once credit card or paypal		SpaceDaily Monthly Supporter $5 Billed Monthly paypal only

Former defense contractor pleads guilty to taking classified documents
Washington DC (UPI) Feb 26, 2021
A former U.S. Air Force contractor pleaded guilty to stealing about 2,500 pages of classified documents, the Justice Department announced. Izaak Vincent Kemp admitted that he illegally took 112 classified documents during his employment between 2016 and 2019 at the U.S. Air Force Research Laboratory and the National Air and Space Intelligence Center, both located at Wright-Patterson Air Force Base, Ohio. The AFRL oversees development of advanced weapons, while the NASIC analyzes intellig ... read more