Tens of thousands of email servers hacked due to Microsoft vulnerability



[ad_1]

Washington. Due to a security breach that became known a few days ago, according to US media reports, tens of thousands of email servers belonging to companies, government agencies and educational institutions have been the victims of hacker attacks. There has been a security update for the vulnerability in Microsoft’s Exchange Server software since last Wednesday. But it must be installed by the customer. On Friday, the Federal Office for Information Security (BSI) warned thousands of German companies to fill the void quickly.

Information on the number of people affected varied widely in the reports. Worldwide there could be more than 250,000 victims, the “Wall Street Journal” wrote over the weekend, citing an informed person. A former US official familiar with the investigation told Bloomberg Financial Services that they knew of at least 60,000 affected email servers. IT security specialist Brian Krebs and computer magazine “Wired” reported on 30,000 hacked email systems in the US alone.

German companies particularly affected by the Microsoft Exchange vulnerability

“In an international comparison, German companies are particularly affected by this Microsoft Exchange breach,” said Rüdiger Trost of IT security company F-Secure on Sunday. “The reason: German companies fear the cloud and therefore often operate services like Exchange locally.”

Microsoft warned on Wednesday that the four previously publicly unknown security holes are being exploited by suspected Chinese hackers. The group of hackers, whom Microsoft calls “Hafnium”, wanted to use the vulnerabilities to access information in the United States. The targets were, among others, research on infectious diseases, as well as universities, law firms and companies with defense contracts. The attacks were targeted and Microsoft had no evidence that private customers were also targeted. However, unsecured systems have reportedly come under attack on a broad front since the vulnerabilities were announced.

According to Microsoft, the 2013, 2016 and 2019 versions of the Exchange server are affected. Many companies, authorities and educational institutions use Exchange as their email platform. In case of a successful attack through the vulnerabilities, it is possible to access the data of the email system. Microsoft has been aware of security breaches by IT security researchers.

[ad_2]