Microsoft says ransom-seeking hackers take advantage of server failures


FILE PHOTO: A Microsoft logo appears on a storefront in the Manhattan borough of New York City, New York, USA, January 25, 2021. REUTERS / Carlo Allegri

WASHINGTON (Reuters) – Hackers seeking ransom have begun to exploit a recently revealed flaw in Microsoft’s mail server software, the company said early Thursday, a serious escalation that could herald widespread digital disruption.

The disclosure, initially made on Twitter by Microsoft Corp’s security program manager Phillip Misner, and later confirmed by the Redmond, Washington-based company, is a realization of concerns that have been roaming the security community for days. .

Since March 2, when Microsoft announced the discovery of serious vulnerabilities in its Exchange software, experts have warned that it was only a matter of time before ransomware gangs began using them to shake up organizations on the Internet.

Misner did not immediately respond to follow-up messages, and Microsoft did not respond to emails seeking further comment. The US Cybersecurity and Infrastructure Security Agency and the FBI also did not immediately respond.

Although the security holes announced by Microsoft have since been fixed, organizations around the world have not patched their software, leaving them open to exploitation. Experts attribute the slow pace of updates for many customers in part to the complexity of the Exchange architecture and lack of experience. In Germany alone, officials have said that up to 60,000 networks remain vulnerable.

All kinds of hackers have started to exploit the holes (a security company recently counted 10 separate groups of hackers using the flaws), but ransomware operators are among the most feared.

Those groups work by blocking users from their devices and data unless victims drop large chunks of digital currency. They now have potentially access “to a large number of vulnerable systems,” said Brett Callow of cybersecurity company Emsisoft.

He said that more modest companies, many of which lack the capacity or knowledge to update their software, could be particularly affected by the latest ransomware variant.

“This is a potentially serious risk for small businesses,” he said.

Reporting by Raphael Satter; edited by Gerry Doyle and Jonathan Oatis

.

Source link