Litcius/Paper detail

A Systematic Review of 2021 Microsoft Exchange Data Breach Exploiting Multiple Vulnerabilities

Alexis M Pitney, Spencer Penrod, Molly Foraker, Suman Bhunia

20222022 7th International Conference on Smart and Sustainable Technologies (SpliTech)20 citationsDOI

Abstract

At the beginning of 2021 a massive amount of servers using Microsoft's Exchange program were breached by a foreign hacker group called HAFNIUM. This group discovered and exploited 4 different zero-day vulnerabilities which sent the entire cybersecurity community into a panic. Immediately after data breach was discovered, Microsoft and other governmental security agencies alerted all the users. Microsoft released multiple patches to safeguard the attack surface. This paper provides an in-depth analysis of the attack methodology, impacts and possible defense solutions. An estimated 400,000 Exchange Servers were affected by this attack, and a large portion of servers are still vulnerable today. Microsoft has released an effective security patch to stop the exploitation of the vulnerabilities.

Topics & Concepts

HackerServerComputer securityComputer scienceData breachWorld Wide WebNetwork Security and Intrusion DetectionInformation and Cyber SecurityAdvanced Malware Detection Techniques