Sunday, October 17, 2021

Microsoft Exchange hack: Hackers breached the email servers of the European Banking Authority (EBA)

The European Banking Authority (EBA) on Sunday said it had been a victim of a cyberattack targeting its Microsoft Exchange Servers, forcing it to temporarily take its email systems offline as a precautionary measure.

Hackers breached the email servers of the European Banking Authority (EBA) as part of the global cyberattacks targeting the Microsoft Exchange Server – and while the Paris-based financial security agency for the European Union says that no data has been stolen as part of the attack, it remains on high alert.

“As the vulnerability is related to the EBA’s email servers, access to personal data through emails held on those servers may have been obtained by the attacker,” the Paris-based regulatory agency said.

The EBA fell victim to a hacking campaign exploiting four zero-day vulnerabilities in the Microsoft Exchange Server that has affected tens of thousands of organizations around the world.

The EBA said it has launched a full investigation into the incident in partnership with its information and communication technology (ICT) provider, a team of forensic experts, and other relevant entities.

The vulnerabilities allowed cyber attackers to gain access to the European Banking Authority’s email servers, initially leading to fears that personal data may have been accessed by hackers.

In a second update issued on Monday, the agency said it had secured its email infrastructure and that it found no evidence of data extraction, adding it has “no indication to think that the breach has gone beyond our email servers.”

“Since it became aware of the vulnerabilities, the EBA has taken a proactive approach and carried out a thorough assessment to appropriately and effectively detect any network intrusion that could compromise the confidentiality, integrity, and availability of its systems and data,” the EBA said in a statement.

“Besides re-securing its email system, the EBA remains in heightened security alert and will continue monitoring the situation,” it added.

Stating that the Chinese Exchange server hacks are a major norms violation, Dmitri Alperovitch, chairman of the Silverado Policy Accelerator and co-founder of CrowdStrike, said, “while it started as a targeted espionage campaign, they engaged in reckless and dangerous behavior by scanning/compromising Exchange servers across the entire IPv4 address space with web shells that can now be used by other actors, including ransomware crews.”

The rapidly accelerating intrusions, which also come three months after the SolarWinds hacking campaign, have been primarily attributed to a group called Hafnium, which Microsoft says is a state-sponsored group operating out of China.

Analysis of the Microsoft Exchange Server attack was carried out by the European Banking Authority in collaboration with the European Union’s Computer Emergency Response Team (CERT-EU), as well as additional security experts.

The EBA is just one of the thousands of organizations around the world that are believed to have been targeted by attackers exploiting newly discovered zero-day flaws in Microsoft Exchange Server, the email inbox, calendar, and collaboration solution used by enterprises of all sizes around the world.

Microsoft has released a security update to patch the vulnerabilities and is urging customers to apply it as soon as possible to protect themselves from being attacked.

Priyanshu Vijayvargiya
Founder and Editor-in-Chief of 'Virtualattacks Inc', Priyanshu Vijayvargiya is a cybersecurity analyst, information security professional, developer, and white hat hacker.
