Until a few days ago, and until now for those not up on the latest developments in the tech world, hafnium was a word describing a barely known element on the periodic table included in the manufacture of control rods for nuclear power plants.
But thanks to our never-resting pals across the Pacific Ocean, hafnium now means something else.
There is a group of computer hackers based in China, and reportedly employed by that country’s communist government, which calls itself Hafnium — an indication that for all their technical prowess the Chinese are still far behind the West when it comes to creativity in describing their villainous ways.
The Chinese Hafnium hackers scored a massive coup against Microsoft late last month and into this month by infiltrating hundreds of thousands of Microsoft Exchange servers across the globe. That let the hackers download and read a whole lot of email; one can only imagine the amount of industrial and other espionage that resulted.
When news hit earlier this week that Chinese hackers were actively targeting Microsoft Exchange servers, the cybersecurity community warned that the zero-day vulnerabilities they were exploiting might have allowed them to hit countless organizations around the world. Now it’s becoming clear just how many email servers they hacked. By all appearances, the group known as Hafnium breached as many victims as they could find across the global internet, leaving behind backdoors to return to later.
Hafnium has now exploited zero-day vulnerabilities in Microsoft’s Exchange servers’ Outlook Web Access to indiscriminately compromise no fewer than tens of thousands of email servers, according to sources with knowledge of the investigation into the hacking campaign who spoke to WIRED. The intrusions, first spotted by security firm Volexity, began as early as January 6, with a noticeable uptick starting last Friday and spiking early this week. The hackers appear to have responded to Microsoft’s patch, released Tuesday, by ramping up and automating their hacking campaign. One security researcher involved in the investigation who spoke to WIRED on the condition of anonymity put the number of hacked Exchange servers at more than 30,000 in the US alone, and hundreds of thousands worldwide, all apparently by the same group. Independent cybersecurity journalist Brian Krebs first reported that 30,000 figure Friday, citing sources who had briefed national security officials.
The 30,000 figure shortly grew to 60,000 over the weekend as the full scope of the hack became understood.
“They went to town and started doing mass exploitation — indiscriminate attacks compromising exchange servers, literally around the world, with no regard to purpose or size or industry,” Stephen Adair, head of Volexity, a Virginia cybersecurity company, said in an interview with Bloomberg. “They were hitting any and every server that they could.”
The Chinese hackers’ tactics indicate a level of bad faith that can only be described as an act of war in cyberspace. They hit ice cream companies, banks, small businesses, the European Banking Authority, governmental agencies, whatever. They set up back doors into lots of these servers so they could continue their attacks later. They stole whatever information was available without regard to whether it had intelligence value.
And when asked about the hack, the response was a grin and a middle-finger salute:
Asked about Microsoft’s attribution of the attack to China, a Chinese foreign ministry spokesman said Wednesday that the country “firmly opposes and combats cyber attacks and cyber theft in all forms” and suggested that blaming a particular nation was a “highly sensitive political issue.”
And what is the Biden administration doing about this? Sanctioning Russia, of course.
The Russians were reportedly the villains behind the SolarWinds hack, and the administration is hell-bent on punishing them for that:
It plans a series of clandestine actions across Russian networks — intended to send a message to Vladimir Putin and his intelligence services — combined with economic sanctions. President Joe Biden could issue an executive order to shore up federal agencies against Russian hacking, the newspaper reported.
“We are undertaking a whole of government response to assess and address the impact,” a White House official wrote in an email on Saturday. “This is an active threat still developing and we urge network operators to take it very seriously.”
Of course, there is reason to believe the Chinese were also involved in the SolarWinds fiasco, something the Biden administration hasn’t been too forthcoming in discussing. Now we have the Microsoft hack, which appears to be a whole lot worse.
And the Russians are going to get it. While the Chinese laugh.
You would think that the people in charge of our national security and government infrastructure now would be especially anxious to prove themselves up to the challenge of China. Especially since it was necessary to use unprecedented levels of propaganda, and to suppress from the public relevant information about just how compromised the current president is by the Chinese, in order for those people to attain the power they hold.
In other words, it’s more than a little suspicious that Joe Biden and his minions don’t have much to say about Chinese hackers conducting unrestricted cyberwarfare against American civilian digital infrastructure, while they’re talking tough about the smaller Russian cybersecurity threat, given the fact that Chinese communist business interests were doing sweetheart deals with Biden’s crackhead son Hunter.
You would think the Biden administration would be awfully sensitive to that and would therefore act as forcefully as possible against the Chinese.
Economic sanctions, let’s say, until the hackers responsible were produced to be tried and sentenced in American courts. Or cyberwarfare in return. Or, most importantly, a continuation of the Trump administration’s efforts to rip our supply chain out of China as quickly as practicable.
See anything much along those lines right now?
But we’ll surely stick it to those sneaky Russians.
There’s an old college basketball joke, originating in a quip from famous University of Nevada, Las Vegas coach Jerry Tarkanian, that goes like this: The NCAA is so furious at Kentucky’s cheating that they just gave Cleveland State two more years of probation.
China is Biden’s Kentucky. He’s standing by and doing nothing while the Chinese wage war on the world using every means other than military — so far — because just like the NCAA couldn’t afford to bury Kentucky with probation and tournament bans, Biden can’t afford a public throw-down with the Chinese. They’re too big, and they can do him too much damage.
And Joe Biden surely lacks the stones to find out. Nobody really doubts that.
You’ll see this play out over the next four years, and it isn’t going to be good. It started with COVID-19, which might not have been a deliberate release of a bioweapon, but the Chinese clearly employed their bioweapons playbook once it was out. After all, when it was more possible to fly to Milan from Wuhan than it was to fly to Beijing, you can’t really deny the ChiComs would much rather let that virus spread around the world than contain the damage within their own borders.
Now the contagion is in cyberspace.
It’s been in the culture. It’s clearly in politics and finance.
What’s next? Taiwan?
And what will Biden do to check China before there is a hot war in the South China Sea or somewhere else? What plans does he have to force these people to behave as members of the world community?
Come on, man.