Home » World News »
Ransom-seeking hackers taking advantage of Microsoft flaw: Expert
WASHINGTON (REUTERS) – Ransom-seeking hackers have begun taking advantage of a recently disclosed flaw in Microsoft’s widely used mail server software, a researcher said late Wednesday (March 10) – a serious escalation that could portend widespread digital disruption.
The disclosure, made on Twitter by Microsoft security program manager Phillip Misner, is the realisation of worries that have been coursing through the security community for days.
Since March 2, when Microsoft announced the discovery of serious vulnerabilities in its Exchange software, experts have warned that it was only a matter of time before ransomware gangs began using them to shake down organisations across the Internet.
Mr Misner did not immediately respond to follow-up messages and Microsoft did not return e-mails seeking comment.
The US Cybersecurity and Infrastructure Security Agency and the Federal Bureau of Investigation also did not immediately respond.
Even though the security holes announced by Microsoft have since been fixed, organisations worldwide have failed to patch their software, leaving them open to exploitation. In Germany alone, officials have said that up to 60,000 networks remained vulnerable.
The fixes are free, but experts attribute the sluggish pace of many customers’ updates in part to the complexity of Exchange’s architecture.
All manner of hackers have begun taking advantage of the holes – one security firm recently counted 10 separate hacking groups using the flaws – but ransomware operators are among the most feared.
Those groups work by locking users out of their devices and data unless the victims cough up big chunks of digital currency.
They now potentially have access to “a huge number of vulnerable systems”, said Mr Brett Callow of Canadian cyber-security company Emsisoft.
He said more modest companies – many of which lack the ability or awareness to update their software – could be particularly affected by the latest variant of ransomware.
“This is a potentially serious risk to small businesses,” he said.
Join ST’s Telegram channel here and get the latest breaking news delivered to you.
Source: Read Full Article