Hackers have breached European Banking Authority (EBA) mail servers in global cyber attacks targeting Microsoft Exchange Server – and though the Paris-based European Union financial security agency says none data was stolen in the course of the attack, it remains on high alert.
The EBA was the victim of a hacking campaign exploiting four zero-day vulnerabilities in Microsoft Exchange Server that affected tens of thousands of organizations around the world.
The vulnerabilities allowed cyber attackers to gain access to the European Banking Authority’s mail servers, initially raising fears that hackers could gain access to personal data.
SEE: A winning strategy for cybersecurity (ZDNet special report) | Download the report in PDF format (TechRepublic)
However, in an update on the investigation of the incident, the EBA said the messaging infrastructure has been secured and at this point it is believed that “no data extraction has been performed” and that there is “no indication to believe that the violation went beyond our email servers”.
The ABE messaging system has been taken offline as a precaution, but has now been fully restored following the deployment of additional security measures.
“Since learning about the vulnerabilities, the EBA has taken a proactive approach and performed a thorough assessment to appropriately and effectively detect any intrusion into the network that could compromise the confidentiality, integrity and availability of its systems and data, ”the EBA said in a statement.
“In addition to securing its messaging system, the EBA remains on enhanced security alert and will continue to monitor the situation,” he added.
The analysis of the Microsoft Exchange server attack was carried out by the European Banking Authority in collaboration with the European Union Computer Emergency Response Team (CERT-EU), as well as other security experts.
The EBA is just one of thousands of organizations around the world reportedly targeted by attackers exploiting recently discovered zero-day vulnerabilities in Microsoft Exchange Server, email inbox, calendar and solution. tools used by businesses of all sizes around the world. world.
Microsoft has released a security update to address the vulnerabilities and urges customers to apply it as soon as possible to protect against attacks.
Cyber attacks targeting Microsoft Exchange Server have been attributed to a state-sponsored, China-sponsored Advanced Persistent Threat (APT) hacking group known as Hafnium.
Other organizations targeted by the hacking group include think tanks, nonprofits, defense contractors, higher education institutions, and infectious disease researchers.