GCHQ warns companies to hack their Microsoft email servers after suspected China | Urgently update Science & Tech News
The UK’s National Cyber Security Center, part of GCHQ, warns companies to urgently update their Microsoft email servers following a government-sponsored espionage campaign.
Microsoft warned against it that several groups exploited a global and indiscriminate hack of their customers’ local email servers, attributing the attack to a government-sponsored group based in China with tens of thousands of potential victims worldwide.
The NCSC has highlighted the immediate need for organizations to patch their vulnerable Microsoft Exchange servers and warns that the careless techniques used by attackers could also allow criminals to break into victims’ networks.
Sky News believes there has been no compromise between public sector organizations in the UK due to the government sponsored attack with vulnerabilities in Microsoft Exchange.
Security officials believe there could be as many as 8,000 vulnerable Microsoft servers in the country’s private sector, though they estimate roughly half of them may have been patched.
Last week, government security agencies stepped up Microsoft’s urgent call to customers running on-premises Exchange servers to apply the patch, and the company is now warning that multiple groups are using unpatched systems.
Microsoft initially warned that the state-sponsored group “primarily targets companies in the EU United States in a number of industries including infectious disease researchers, law firms, higher education institutions, defense companies, political think tanks and NGOs “.
After compromising these organizations’ email servers, the attackers created web shells – interfaces that allow them to remotely access the compromised network even after patching the original vulnerabilities – which creates additional concern.
Security officials have hit 2,300 corporate webshells in the UK, but more may go undetected.
NCSC Director of Operations Paul Chichester said: “We are working closely with industry and international partners to understand the extent and impact of exposure in the UK. However, it is important that all organizations take immediate action to protect them Seize networks.
“While doing this, the most important action you take is to get the latest Microsoft updates.
“Businesses should also be exposed to the threat of ransomware and familiarize yourself with our instructions. All incidents involving UK organizations should be reported to the NCSC, “he added.
Thank You For Visiting. Please Support This Site By SHARING And Following Us In The Social Networks.