White House says Microsoft email hackers have ‘large number of victims’

Much of the activity was concentrated in the United States, but victims have popped up around the world.

The hackers behind the powerful set of digital intrusion tools exposed this week have racked up a worrying number of victims, the White House said Friday, the latest indication that the cyber espionage campaign targeting Microsoft Corp’s Exchange email software poses a serious threat.

“This is a significant vulnerability that could have far reaching impacts,” White House press secretary Jen Psaki told reporters. “We’re concerned that there’re a large number of victims.”

Wielding tools that exploited four previously unknown vulnerabilities, the allegedly Chinese group that Microsoft dubs “Hafnium” has been breaking into email servers since January, remotely and silently siphoning information from their inboxes without having to send a single malicious email or rogue attachment.

Few victims of the hackers have been made public so far. Microsoft said this week that targets included infectious disease researchers, law firms, higher education institutions, defense contractors, policy think tanks, and non-governmental groups.

On Tuesday researchers at Dell Technologies’ Secureworks said the pace of break-ins began spiking overnight last Sunday, something others have read as an indication that the hackers ramped up their activity because they knew they were about to be exposed.

Much of the activity was concentrated in the United States, but victims have popped up around the world.

Norwegian authorities said they had seen “limited” use of the hacking tools in their country. The Prague municipality and the Czech Ministry for Labor and Social Affairs were among those affected, according to a European cyber official briefed on the matter.

The official said that the technique’s ease of exploitation meant that the hackers had effectively been enjoying a “free buffet” since the beginning of the year.

The worry now is that others may be about to join the feast.

Although Microsoft has published fixes for the vulnerabilities and the U.S. government – including National Security Adviser Jake Sullivan – has urged users to update their software, in practice not everyone is. Meanwhile, hackers are studying the fixes to reverse engineer Hafnium’s tools and appropriate them for themselves.

Once that happens, experts say, the targeting may get even more aggressive.

You have reached your limit for free articles this month.

Subscription Benefits Include

Today’s Paper

Find mobile-friendly version of articles from the day’s newspaper in one easy-to-read list.

Unlimited Access

Enjoy reading as many articles as you wish without any limitations.

Personalised recommendations

A select list of articles that match your interests and tastes.

Faster pages

Move smoothly between articles as our pages load instantly.


A one-stop-shop for seeing the latest updates, and managing your preferences.


We brief you on the latest and most important developments, three times a day.

Support Quality Journalism.

*Our Digital Subscription plans do not currently include the e-paper, crossword and print.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button