Your IT Support Experts

We partner with many types of businesses, and strive to eliminate IT issues before they cause expensive downtime.



About Us

IT Services

Understanding IT



Contact Us


Free Consultation

Interested in seeing what we can do for your business? Contact us to see how we can help you! Sign Up Today

JensenIT Blog

HAFNIUM Attacks Target Most Microsoft Exchange Servers

HAFNIUM Attacks Target Most Microsoft Exchange Servers

The recent discovery of four flaws in Microsoft’s Exchange Server software came too late to prevent a rash of stolen emails, but that doesn’t mean you need to remain vulnerable to this attack. Let’s go over the story so far, and how you can help protect your business.

HAFNIUM, and Their Actions

Back on January 5th, 2021, a security researcher at security testing firm DEVCORE operating under the nom de plume “Orange Tsai” reported a few issues that were discovered in Exchange Server. The same issues were reported on January 27th by the Danish firm Dubex, and on February 2nd by a firm called Volexity. All these reports alluded to what proved to be the actions of a hacking group in China that goes by “HAFNIUM.” HAFNIUM’s hacking efforts have been directed toward the email platforms used in many different organizations’ systems—including organizations classified as infectious disease researchers, defense contractors, institutions of higher education, law firms, think tanks, and civil societies/non-government organizations.

In total, it seems apparent that hundreds of thousands of organizations making use of Microsoft Exchange have been swept up in the attack, breached by HAFNIUM with backdoors left open for the hacking group’s convenience later on.

These breaches were originally directed against exclusively high-value targets, but have swiftly become far less discerning in who may be affected, with all encountered servers now taken over by the automated attacks. While these attacks have left the cloud-hosted Exchange servers untouched, a lot of the victims were using both on-site and cloud-hosted in tandem.

A patch was released on March 2nd that only protects against infiltration, leaving those who had already been infected to fend for themselves.

This is Now A Global Cybersecurity Crisis

With the patch in play, it is now a race between hackers and organizations to see who acts first—with either HAFNIUM infecting a target or that target patching their systems against them.

Too many have already lost to HAFNIUM, at this point.

Even worse, these patches won’t do anything to resolve an existing breach, necessitating a comprehensive network analysis to eliminate any sign of infection. With this event constituting a zero-day threat against all self-hosted instances of Outlook Web Access that had not been patched within that span of a few days, these activities need to be prioritized within every business if only to be certain.

We’re here to help. As a managed service provider, part of our job is to help our clients identify and eliminate any risk factors and threats that issues within their technology may pose. Learn more about our services by calling (847) 803-0044 today.

How Your Business’ IT Future Has Changed in the Pa...
Making Sense of Bitcoin


No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Sunday, April 11, 2021

Captcha Image

By accepting you will be accessing a service provided by a third-party external to https://www.jensenit.com/

Customer Login

Latest Blog

Today’s technology provides businesses with more options than they’ve ever had, including where they want to host their critical infrastructures. This decision will often boil down to between an onsite hardware implementation or utilizing the cloud. Let’s consider the differences that your decision needs to reflect.

Contact Us

Learn more about what JensenIT can do for your business.

1689 Elk Blvd
Des Plaines, Illinois 60016

Sign up for our Newsletter!

Hey! Before you go, subscribe to our newsletter for IT tech tips and advice!