Saudi Press

Saudi Arabia and the world
Friday, Aug 22, 2025

The Microsoft Exchange hack shows attackers are working 'smarter, not harder,' experts say

The Microsoft Exchange hack shows attackers are working 'smarter, not harder,' experts say

Experts are still unsure of the hackers' motivations, and whether the incident may have been a "test run" for a larger attack.

News about a hack that impacted hundreds of thousands of global organizations has largely flown under the radar.

On March 3, Microsoft announced Hafnium, a Chinese-sponsored hacker group, exploited vulnerabilities in its Exchange email servers. Microsoft said hackers left behind "web shells," or tools that allow bad actors to access victims' systems remotely after initial access.

The attack impacted hundreds of thousands of organizations globally and 30,000 in the US. Experts recently told Insider's Aaron Holmes the hack could be "1,000 times more crippling" than the widely publicized SolarWinds attack.

Cyber security experts say though the Exchange server hack has not shocked Americans the way the SolarWinds attack did last year, but citizens must pay attention because of the likely increase in hacks this year and the different ways bad actors are exploiting victims.

"This attack underscores just how vulnerable even the most secure organizations or individuals are when targeted by skilled cybercriminals," Marcin Klecyznski, the CEO of Malwarebytes, told Insider.

Microsoft announced a hack in its Exchange email servers on March 3.

Why you should care about the attack


One takeaway from the Exchange Server attack is that no one is safe from a hack.

Microsoft is an industry leader that accelerated cloud-based security efforts as offices transitioned to remote work during the pandemic. But getting hacked means companies need to develop software with security in every step, as well as have an incident response plan to patch flaws and notify users, per Jonathan Knudsen, a senior security strategist at Synopsys Software Integrity Group.

The hack also suggests cybercriminals are working "smarter, not harder," said Klecyznski. Bad actors know IT security teams' resources have become more stretched due to the rise in remote work, and hackers are looking to advantage of that gap in oversight, he said.

Knudsen advises anyone responsible for a Microsoft Exchange server to patch the system and check for signs of an attack. Systems administrators also need to update servers and carefully examine systems at all times, because hackers can have access to a device for months or years before someone notices.

Kelvin Coleman, the executive director at the National Cyber Security Alliance, said security experts are still unsure of the hackers' motivations, and whether the incident may have been a "test run" for a larger attack — which makes protecting user accounts with quality passwords and multi-factor authentication imperative.

"It can impact a lot of things if folks don't have confidence that their information is protected and secure," Coleman said.

How the Microsoft Exchange hack differs from other attacks


SolarWinds hackers were able to spy on federal agencies like the Department of Homeland Security and Treasury Department. Coleman said the Microsoft attack has received relatively less media attention due to the victims being small- to mid-size organizations and local governments, but that still leaves systems and personal information vulnerable.

The attack also differs from others because hackers did not need to interact with victims to get access to their information, said Ben Read, the senior manager for Cyber Espionage Analysis in FireEye's Intelligence unit. Unlike a phishing scam, which relies on users clicking into a link with malware, the Exchange Server attack gave hackers more control.

Read said that, though this isn't the first time this kind of attack happened, there's been a rise in vulnerabilities in web-facing applications in the past 18 months. Analysts predict cyber attacks will dramatically increase this year as hackers exploit uncertainty around COVID-19 and take advantage of remote workers.

"The sheer number of victims makes it a big deal," Read said in an interview with Insider. "Anyone who hasn't taken mitigation efforts...they're vulnerable as other groups kind of figure out how to exploit these vulnerabilities."

Newsletter

Related Articles

Saudi Press
0:00
0:00
Close
Dogfights in the Skies: Airbus on Track to Overtake Boeing and Claim Aviation Supremacy
Tim Cook Promises an AI Revolution at Apple: "One of the Most Significant Technologies of Our Generation"
Are AI Data Centres the Infrastructure of the Future or the Next Crisis?
Miles Worth Billions: How Airlines Generate Huge Profits
Zelenskyy Returns to White House Flanked by European Allies as Trump Pressures Land-Swap Deal with Putin
Beijing is moving into gold and other assets, diversifying away from the dollar
Cristiano Ronaldo Makes Surprise Stop at New Hong Kong Museum
Zelenskyy to Visit Washington after Trump–Putin Summit Yields No Agreement
High-Stakes Trump-Putin Summit on Ukraine Underway in Alaska
Iranian Protection Offers Chinese Vehicle Shipments a Cost Advantage over Japanese and Korean Makers
Saudi Arabia accelerates renewables to curb domestic oil use
Cristiano Ronaldo and Georgina Rodríguez announce engagement
Asia-Pacific dominates world’s busiest flight routes, with South Korea’s Jeju–Seoul corridor leading global rankings
Private Welsh island with 19th-century fort listed for sale at over £3 million
Sam Altman challenges Elon Musk with plans for Neuralink rival
Australia to Recognize the State of Palestine at UN Assembly
The Collapse of the Programmer Dream: AI Experts Now the Real High-Earners
Armenia and Azerbaijan to Sign US-Brokered Framework Agreement for Nakhchivan Corridor
British Labour Government Utilizes Counter-Terrorism Tools for Social Media Monitoring Against Legitimate Critics
WhatsApp Deletes 6.8 Million Scam Accounts Amid Rising Global Fraud
Nine people have been hospitalized and dozens of salmonella cases have been reported after an outbreak of infections linked to certain brands of pistachios and pistachio-containing products, according to the Public Health Agency of Canada
Texas Residents Face Water Restrictions While AI Data Centers Consume Millions of Gallons
Tariffs, AI, and the Shifting U.S. Macro Landscape: Navigating a New Economic Regime
India Rejects U.S. Tariff Threat, Defends Russian Oil Purchases
United States Establishes Strategic Bitcoin Reserve and Digital Asset Stockpile
Thousands of Private ChatGPT Conversations Accidentally Indexed by Google
China Tightens Mineral Controls, Curtailing Critical Inputs for Western Defence Contractors
OpenAI’s Bold Bet: Teaching AI to Think, Not Just Chat
BP’s Largest Oil and Gas Find in 25 Years Uncovered Offshore Brazil
JPMorgan and Coinbase Unveil Partnership to Let Chase Cardholders Buy Crypto Directly
British Tourist Dies Following Hair Transplant in Turkey, Police Investigate
WhatsApp Users Targeted in New Scam Involving Account Takeovers
Trump Deploys Nuclear Submarines After Threats from Former Russian President Medvedev
Germany’s Economic Breakdown and the Return of Militarization: From Industrial Collapse to a New Offensive Strategy
IMF Upgrades Global Growth Forecast as Weaker Dollar Supports Outlook
Politics is a good business: Barack Obama’s Reported Net Worth Growth, 1990–2025
"Crazy Thing": OpenAI's Sam Altman Warns Of AI Voice Fraud Crisis In Banking
Japanese Prime Minister Vows to Stay After Coalition Loses Upper House Majority
President Trump Diagnosed with Chronic Venous Insufficiency After Leg Swelling
Man Dies After Being Pulled Into MRI Machine Due to Metal Chain in New York Clinic
FIFA Pressured to Rethink World Cup Calendar Due to Climate Change
"Can You Hit Moscow?" Trump Asked Zelensky To Make Putin "Feel The Pain"
Nvidia Becomes World’s First Four‑Trillion‑Dollar Company Amid AI Boom
Iranian President Reportedly Injured During Israeli Strike on Secret Facility
Kurdistan Workers Party Takes Symbolic Step Towards Peace in Northern Iraq
BRICS Expands Membership with Indonesia and Ten New Partner Countries
Elon Musk Founds a Party Following a Poll on X: "You Wanted It – You Got It!"
AI Raises Alarms Over Long-Term Job Security
Saudi Arabia Maintains Ties with Iran Despite Israel Conflict
Russia Formally Recognizes Taliban Government in Afghanistan
×