Microsoft Exchange Server Hack: What’s happening?

Microsoft Exchange Server Hack

The Microsoft Exchange Hack is a big issue that has flown under the radar in terms of global news. With many people having little idea about what it is nor what the consequences that came with it are. With many people not even knowing that it is currently happening!

If you are one of these people, then you are in luck! This blog will be going over the ins and outs of exactly what the Microsoft Exchange Server Hack is and the issues it has caused for both Microsoft and the public.

What Happened?

For many of you, the first thing you may be asking is, what is the Microsoft Server Hack? Since January, this year, Microsoft has found four ‘zero-day exploits on the Microsoft Exchange Servers. These exploits have given cyber attackers full access to emails and passwords on affected servers, administrator privileges on the server, and access to connected devices sharing the same network.  Statistics have shown that as of 9th March, it has been estimated that 250,000 servers have been affected, including 30,000 US organisations and 7,000 UK servers.


Who Did It?

According to Microsoft, the zero-day exploits have been traced back to a Chinese organisation known as Hafnium, with reports saying the organization used a programme known as the ‘China Copper’ web shell to control the hacked servers. Microsoft identified Hafnium as “a highly skilled and sophisticated actor”. Allegations have claimed Hafnium were ‘state sponsored’ due to alleged previous ties to the Chinese Government. However, the Chinese Government has denied all claims and involvement in the situation. Currently, Microsoft is unaware of any third-party involvement.


What Is Being Done?

Microsoft is encouraging people to install security patches to assure the safety of their accounts, as well as releasing information so people can see if they have been affected. Furthermore, Microsoft has released security patches for versions of Exchange Server that did not have the most recent available software updates, However, Microsoft had stated that customers would have to apply the most recent updates before installing the security patches.

Microsoft announced that new ransomware was being deployed to servers affected. This ransomware caused all files to be encrypted and made servers inoperable. On the 22nd March, Microsoft announced that 92% of Exchange servers the exploit has been either patched or mitigated. However, some criticism was received, and concern was shared, with many feeling that not enough was done with Microsoft stating that the patches not banning attackers from the compromised systems.


What Can You Do?

With many people feeling like their online information is not fully protected, some are taking actions into their own hands. It has been advised that simple things are done, the main one being to change your passwords if your selected account has a link to the Exchange server. As well as this it would be a sensible decision to download all available patches from Microsoft and make sure you stay up to date with them.

These two simple actions will provide your accounts with a secure level of security, so there is no need to worry!

You could also consider migrating to 365 as this was unaffected by the attack, and what’s even better is that we can support you through this migration – get in touch today to find out more.



If you are worried about your cybersecurity, then here at Omicron, we will be happy to help you with you worries. We provide an outstanding service in IT and Data Security. So, if you are worried about your online security don’t hesitate to contact us.


Phone:  01727 861 553

Get in touch