24 March,2021 09:08 AM IST | New Delhi | IANS
Microsoft. Pic/AFP
The key vulnerabilities in the Microsoft business email servers have left cyber security experts flummoxed as this free-for-all attack opportunity is now being exploited by vast numbers of criminal gangs, state-backed threat actors and opportunistic "script kiddies," researchers at F-Secure have warned.
To make matters worse, proof-of-concept automated attack scripts are being made publicly available, making it possible for even unskilled attackers to quickly gain remote control of a vulnerable Microsoft Exchange Server.
"Tens of thousands of servers have been hacked around the world. They're being hacked faster than we can count," said Antti Laatikainen, senior security consultant at the cyber security firm F-Secure.
According to F-Secure analytics, only about half of the Exchange servers visible on the Internet have applied the Microsoft patches for these vulnerabilities.
ALSO READ
Nara Lokesh meets Microsoft CEO Satya Nadella in US, seeks support for advancing IT in Andhra
Infosys and Microsoft Expand Strategic Collaboration to Accelerate Customer Adoption of The Microsoft Cloud and Generative AI
Agilitz continues its growth towards becoming a leading Microsoft BizApps specialist globally; launches its next delivery centre in Bhubaneswar
LinkedIn adds Bengali, Marathi, Punjabi and Telugu language options
Polarin by Lightstorm now available in the Microsoft Azure Marketplace
"Never in the past 20 years that I've been in the industry, has it been as justified to assume that there has been at least a digital knock at the door for every business in the world with Exchange installed. Because access is so easy, you can assume that majority of these environments have been breached," Laatikainen stressed.
Taiwanese electronics and computer maker Acer has already been hit by a ransomware attack where the hackers are demanding $50 million, the largest known ransom to date.
According to Bleeping Computer, hackers have accessed Acer documents that include financial spreadsheets, bank balances and bank communications, compromising its network via a Microsoft Exchange server vulnerability.
Earlier reports have claimed that five different hacking groups (including China-backed hacking group called 'Hafnium') are exploiting vulnerabilities in the business email servers of Microsoft.
Microsoft has released an emergency patch for its Exchange Server product, the most popular mail server worldwide.
According to the F-Secure report, Countries currently seeing the most detections (in descending order) are Italy, Germany, France, the UK, the US, Belgium, Kuwait, Sweden, the Netherlands and Taiwan.
Laatikainen expects that companies will start reporting breaches soon.
The GDPR data protection regulation demands that theft of personal data must be reported to the data protection authorities within 72 hours.
"You have to expect that the number of GDPR breach reports coming in the next few weeks will be historic. Your company doesn't have to be on the long list of organisations reporting breaches tomorrow if you take the right steps today," he noted.
"Companies that have security monitoring capabilities in place, along with networking monitoring and effective path policy can fight back. There are a ton of things they can do manually to prevent a full disaster. I just encourage them to do them immediately," the security expert suggested.
This story has been sourced from a third party syndicated feed, agencies. Mid-day accepts no responsibility or liability for its dependability, trustworthiness, reliability and data of the text. Mid-day management/mid-day.com reserves the sole right to alter, delete or remove (without notice) the content in its absolute discretion for any reason whatsoever