The news: Alleged Chinese hacking of thousands of Microsoft Exchange servers has prompted calls for retaliatory US attacks.
How we got here: Researchers believe a hacking group named Hafnium began gaining access to Microsoft Exchange servers as early as January 6 this year. Hafnium, which multiple reports claim operates out of China, reportedly exploited four previously unknown vulnerabilities in Microsoft's Exchange servers' Outlook Web Access to gain access to at least 30,000 servers in the US alone, though that figure is expected to increase.
The hackers appear to have used automated scanning technology to indiscriminately target networks—which included small towns, cities, and local governments—and planted remotely accessible “web shell” backdoors on Exchange servers, per Wired.
What’s next: Fallout from both SolarWinds and the recent alleged Chinese hacking campaign has fueled calls for a retaliatory US government response. 2019 changes to the Defense Authorization Act allow US Cyber Command to “defend forward” by operating outside of US networks, making it easier for the US government to gather intelligence and retaliate. US intervention is reportedly underway, per The New York Times.
One Liberty Plaza9th FloorNew York, NY 100061-800-405-0844