North Dakota suspects Chinese hackers had control of public email servers during cyberattack

BISMARCK — The North Dakota Department of Information Technology believes Chinese hackers had access to data in public email servers belonging to cities, counties and school districts in the state.

A group of government-sponsored Chinese "threat actors" known as Hafnium had control of the local entities' Microsoft Exchange email servers, but the department is still investigating whether the hackers took data or caused any harm, Chief Information Security Officer Kevin Ford said through department spokeswoman Kelly Ivahnenko.

"The fact of the matter is that we don’t know what (Hafnium) did once they had the (hacking tools) on the servers," Ivahnenko said in a text message. "They may have just installed them and never touched them. They may have done something different on each computer they touched. What they did when they had control is still under investigation."

Microsoft announced earlier this week it had discovered flaws in its Exchange Server software that Beijing-backed Hafnium hackers had exploited to gain access to email accounts. The full extent of the cyberattack is unknown, but it's thought to affect email servers nationwide.

Read more: https://www.thedickinsonpress.com/business/technology/6920998-North-Dakota-suspects-Chinese-hackers-had-control-of-public-email-servers-during-cyberattack