A Systematic Review of 2021 Microsoft Exchange Data Breach Exploiting Multiple Vulnerabilities
Alexis M Pitney, Spencer Penrod, Molly Foraker, Suman Bhunia
Abstract
At the beginning of 2021 a massive amount of servers using Microsoft's Exchange program were breached by a foreign hacker group called HAFNIUM. This group discovered and exploited 4 different zero-day vulnerabilities which sent the entire cybersecurity community into a panic. Immediately after data breach was discovered, Microsoft and other governmental security agencies alerted all the users. Microsoft released multiple patches to safeguard the attack surface. This paper provides an in-depth analysis of the attack methodology, impacts and possible defense solutions. An estimated 400,000 Exchange Servers were affected by this attack, and a large portion of servers are still vulnerable today. Microsoft has released an effective security patch to stop the exploitation of the vulnerabilities.