EU banking authority hit by far-reaching Microsoft email hack

8 Mar 2021


The tech company is issuing updates for the thousands of users affected, while US authorities say the hack is an ‘active threat’.

The effects of a hack on Microsoft’s email infrastructure have reached Europe, with the European Banking Authority (EBA) stating its email servers have been compromised.

The details of the vulnerability in Microsoft Exchange, the system for managing businesses’ email services, emerged last week. The flaw allowed attackers to remotely take control of email servers and access their data.

Cybersecurity journalist and researcher Brian Krebs reported that around 30,000 US-based companies and organisations have been affected. Over the weekend, the White House described the incident as an “active threat”.

“Everyone running these servers – government, private sector, academia – needs to act now to patch them,” White House press secretary Jen Psaki said last week.

Now, the vulnerabilities have reared their heads on this side of the Atlantic. The EBA said its investigation into the compromise was ongoing and it is deploying further security measures to protect its systems.

“At this stage, the EBA email infrastructure has been secured and our analyses suggest that no data extraction has been performed and we have no indication to think that the breach has gone beyond our email servers,” the regulatory body said in a statement.

Chris Krebs, a former US government official who previously headed up the Cybersecurity and Infrastructure Security Agency, said on Twitter that the attack is the “real deal” and that anyone running a Microsoft Outlook Web Access server should “assume compromise”.

Over the weekend, Microsoft issued several updates to try to mitigate the threat.

While taking stock of the extent of the attacks, Microsoft has pointed the finger at Chinese culprits. It has dubbed the attacker group Hafnium and said it is a “highly skilled and sophisticated actor”.

“Historically, Hafnium primarily targets entities in the United States for the purpose of exfiltrating information from a number of industry sectors, including infectious disease researchers, law firms, higher education institutions, defence contractors, policy think tanks and NGOs,” Microsoft said in a blog post last week.

China has denied involvement in the attacks.

Jonathan Keane is a freelance business and technology journalist based in Dublin.
