A Tale of Two Hacks: From SolarWinds to Microsoft Exchange (Security News, April 2021)
The past four months have exposed two high-profile attacks, both of which had pundits declaring them the "worst-ever" and "unprecedented." They shared other similarities - both attacked businesses rather than individuals, and affected tens of thousands of organizations.
The second hack was against Microsoft Exchange servers and had a more familiar trajectory: Attackers found a series of zero-day vulnerabilities that could be chained together to break into any Exchange server that was internet-accessible - and steal all the emails and files stored on it.
The unnerving subplot behind the Exchange server hack was that there was a race against the clock as the attackers seemed to have found out that Microsoft was about to issue patches for the vulnerabilities.
The SolarWinds hack drew ire because some believe supply-chain hacks are beyond the pale as they cause too much collateral damage - only a relatively small subset of the 18,000 affected organizations were likely hacked, but it's hard to know for sure if you were one of the lucky or unlucky ones.
The Microsoft Exchange server hacks drew ire because in the rush to hack as many servers as possible before the issuance of the patches, information about the exploits seems to have gotten around to a number of less-scrupulous bad actors.
Rather than just being used for information-gathering, the Exchange server hacks have already resulted in several attempts to ransom stolen data.
News URL
https://threatpost.com/solarwinds-hack-seismic-shift/165758/