[ad_1]
Thousands of Microsoft Exchange servers are still compromised by hackers even after applying fixes, a senior US cybersecurity official said on Monday, citing data from cybersecurity companies.
Brandon Wales, acting director of the Cybersecurity and Infrastructure Security Agency, said owners of email servers that were compromised before Microsoft Corp. issued a patch nearly three weeks ago should take additional steps to remove the hackers of their networks.
“We remain committed to supporting our customers against these attacks, innovating our approach to security, and partnering closely with governments and the security industry to help keep our customers and communities safe,” a Microsoft spokesperson said Monday. .
Servers that remain compromised could be used as a launching pad for hackers to launch ransomware attacks on computer networks, where files are encrypted and held as ransom in exchange for payment. So far, reports of ransomware attacks within compromised networks have been rare.
ALSO READ: Microsoft updates Defender Antivirus to mitigate Exchange server vulnerabilities
Last week, Microsoft released a tool that allows local Exchange server owners to fix security flaws with one click. But hackers may have already breached those servers and may remain within computer networks even after applying the solution. Microsoft has said the attack started with a Chinese government-backed group of hackers who were accused of exploiting previously unknown vulnerabilities in the Exchange commercial email software widely used by Microsoft.
About 45% of vulnerable systems were patched in the past week, a spokesman for the National Security Council said. Currently, there are fewer than 10,000 vulnerable systems left in the US, compared to at least 120,000 at the beginning.
By William Turton
