Microsoft says ransom-seeking hackers taking advantage of server flaws

Ransom-seeking have begun taking advantage of a recently disclosed flaw in Microsoft’s widely used mail server software, the company said early Thursday – a serious escalation that could portend widespread digital disruption.

The disclosure, initially made on Twitter by Corp security program manager Phillip Misner and later confirmed by the Redmond, Washington-based company, is the realization of worries that have been coursing through the security community for days.

Since March 2, when announced the discovery of serious vulnerabilities in its Exchange software, experts have warned that it was only a matter of time before ransomware gangs began using them to shake down organizations across the internet.

Misner didn’t immediately respond to follow-up messages and did not return emails seeking further comment. The U.S. Cybersecurity and Infrastructure Security Agency and the FBI also didn’t immediately respond.

Even though the security holes announced by Microsoft have since been fixed, organizations worldwide have failed to patch their software, leaving them open to exploitation. Experts attribute the sluggish pace of many customers’ updates in part to the complexity of Exchange’s architecture and lack of expertise. In Germany alone, officials have said that up to 60,000 networks remained vulnerable.

All manner of have begun taking advantage of the holes – one security firm recently counted 10 separate hacking groups using the flaws – but ransomware operators are among the most feared.

Those groups work by locking users out of their devices and data unless the victims cough up big chunks of digital currency.

They now potentially have access “into a huge number of vulnerable systems,” said Brett Callow of cybersecurity company Emsisoft.

He said more modest companies – many of which lack the ability or awareness to update their software – could be particularly affected by the latest variant of ransomware.

“This is a potentially serious risk to small businesses,” he said.

Dear Reader,

Business Standard has always strived hard to provide up-to-date information and commentary on developments that are of interest to you and have wider political and economic implications for the country and the world. Your encouragement and constant feedback on how to improve our offering have only made our resolve and commitment to these ideals stronger. Even during these difficult times arising out of Covid-19, we continue to remain committed to keeping you informed and updated with credible news, authoritative views and incisive commentary on topical issues of relevance.

We, however, have a request.

As we battle the economic impact of the pandemic, we need your support even more, so that we can continue to offer you more quality content. Our subscription model has seen an encouraging response from many of you, who have subscribed to our online content. More subscription to our online content can only help us achieve the goals of offering you even better and more relevant content. We believe in free, fair and credible journalism. Your support through more subscriptions can help us practise the journalism to which we are committed.

Support quality journalism and subscribe to Business Standard.

Digital Editor

Source link